some SSL some clear content - needs two zope instances?
Hello. We are in the process of setting up a Zope site - some of which requires SSL some does not. So, do I need two Zope servers or can I avoid this somehow? My first thought was to put all the SSL content in a folder and have all the DTML methods check the REQUEST['SERVER_PORT'] and makes sure it's 443. I don't really know how safe that is as I don't know where SERVER_PORT comes from - the client or the server? Anyways, I can't do that for ZSQL methods or images so that won't work regardless. So what are my other options? I was thinking of maybe an SSLFolder product that won't allow any content to be viewed unless it's coming in on a given (default 443) port (or maybe some other means of checking for SSL) Or adding a "Viewable without SSL" permission - but I really don't know what either of those would entail. Any suggestions are greatly appreciated. Especially on a simpler way to solve the problem without two Zope servers installed. ^Roman
Roman Milner wrote:
Hello. We are in the process of setting up a Zope site - some of which requires SSL some does not.
maybe just two rewrite rules in apache conf (assuming you are using apache)- organize your content in two trees /z/ https http with shared data/methods in z have a rewrite rule pointing to /z/https/ in your :443/SSL VirtualHost RewriteRule ^/z/(.*) /home/httpd/zope2/Zope.cgi/https/$1 [e=HTTP_CG..... and to /z/http/ in your :80 VirtualHost RewriteRule ^/z/(.*) /home/httpd/zope2/Zope.cgi/http/$1 [e=HTTP_CG..... ------------ Hannu
participants (2)
-
Hannu Krosing -
Roman Milner