On Fri, 11 Dec 1998, Ronald Offerman wrote:
I can run a secure Zope using pcgi and Apache-SSL. Anyone know of a way how to have ZopeHTTPServer do SSL? Use mod_proxy with Apache-SSL. For example: RewriteEngine on RewriteRule ^/intern(.*) http://127.0.0.2:5000$1 [P] What is the advantage over running Zope using pcgi and Apache-SSL? I already use Apache Redirect for some secure parts of current websites, any advantage using the ReWriteEngine over Redirect? (besides it being invisible to the user)
This assumes two things: -) You have an 127.0.0.2 lo:0 alias active ;) -) You have a patched BoboHTTPServer.py running there. No problem to setup on our servers.
I don't want to allow management over insecure channels so is it possible to use a rewrite/URL refresh rule in Zope for /manage (it should redirect to https:) That's another thing I've been thinking about: -) BoboHTTPServer when running in nonssl mode should map the Non-Auth error code to another error code -> When accessing the http:// url the user isn't even prompted for an username/password :) What do you intend to accomplish doing this?
-- <- Ronald Offerman | ron@gjt-it.nl <- Root Powered Carrot Munchers Ltd. Inc. SA AG BV "Daddy, why do those people have to use Microsoft Windows?" "Don't stare, son; it's not polite." "M$ Windows NT, an accident waiting to happen" "What goes up, must come down. Ask any system administrator."