--- Will Smith <witisi@yahoo.com> wrote:
We currently have an applition that uses apache to serve alot of large files out of the filesystem (650MB each). I would like to convert the web interface over to zope to unify our site. I would prefer to keep the large files in the filesystem, primarily because we already have tools to manage them there. I also am very comfortable with apache serving these large files, and really do not wish to put this task up to the ZServer. <...snip...> Since zope is not serving the files, I cannot prevent users from accessing them. I can control access to the links, but if you cut and paste the URL apache will server them to anyone, without even logging into zope.
Will, Have you looked at mod_auth_remote? It allows you to have your Apache web directory require authentication against Zope. That way, if anyone did directly access the files' URLs, they would be challenged for credentials. Read about it at http://blog.colorstudy.com/ianb/weblog/2003/11/30.html Get it from http://puggy.symonds.net/~srp/stuff/mod_auth_remote/ It was written for Apache 2.x but its author says it now works with 1.3.x - Rob __________________________________ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail