michael nt milne wrote:
Yes, I do realise that it's hard. Regarding the cookie comment that was the reason I wanted to use Apache <location> based login.
Huh? I'm sure some people would love to know how those two things relate in your head...
I do realise that leaving a logon cookie is insecure and that comment was perhaps misguided. I started to think about usability etc.
If you're lucky, you might get a system that's both insecure _and_ unusable ;-)
I'm going to block 8080 at the router/firewall level as Zope obviously needs to keep serving through 8080 to Apache.
using iptables in the box is probably a better idea...
As for the issue with IE6 and editing pages over SSL it all works fine in Firefox 1.5, so it's a browser issue which I just can't quite fathom just now.
I doubt it, my guess would still be that you're doing something wrong somewhere... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk