Marcin Kasperski writes:
As I finally installed mod_proxy_add_forward, I get original address in X-Forwarded-For header (REQUEST['HTTP_X_FORWARDED_FOR']).
The question is: can I do something easy to automatically perform if(remote_ip = 127.0.0.1 and X-Forwarded-For exists) then set remote_ip = whatever is in X-Forwarded-For logic? In particular, I would like changed IP to be used by Zope access control and Zope log. .... If you do not want to patch Apache, you can use a SiteAccess (--> zope.org) AccessRule in your top (logical) folder to modify your REQUEST object as you like.
Does there exist some sample of such usage? Can such a change be performed before authorization? The SiteAccess HowTo (documentation?) contains an example how to turn a path component into a REQUEST binding. Your case is much simpler, very straight forward.
I use SiteRoot to translate addressess between external and internal (in subdirectories, not in main directory). Can those approaches be merged one with another? They can. If you like, you can replace your SiteRoot (which in fact are simple forms of AccessRules) with full blown AccessRules and put the REMOTE_IP justification into them. However, I would do it in the root folder to have it at a single place.
Dieter