security and domain
hello zopers, Here is my situation : I have a zope hosted behind apache and virtual monster When i need the ip address of a visitor I use HTTP_X_FORWARDED_FOR I want some users to log only from a specific IP for example : 100.100.50.25 If I set 'domain' in the acl_user fiels to that IP, it doesn't work, I guess the domain it returns is the domain of the Apache or proxy server. Is there a workaround for the domain to be checked against the HHTP_X_FORWARDED instead of the IP_ADDRESS ??? Any help or pointers is welcome...
Use Access Rules. They will transparently watch all the requests to any object within a folder(or the root), and perform what you want based on them. Also, you may find useful the following how-to: http://wohnheim.fh-wedel.de/~dietmar/wohnheim/access.html Ausum ----- Original Message ----- From: "Nicolas LAURANCE" <nicolas.laurance@expert-rh.com> To: <zope@zope.org> Sent: Wednesday, December 04, 2002 6:07 AM Subject: [Zope] security and domain
hello zopers,
Here is my situation :
I have a zope hosted behind apache and virtual monster When i need the ip address of a visitor I use HTTP_X_FORWARDED_FOR
I want some users to log only from a specific IP for example : 100.100.50.25
If I set 'domain' in the acl_user fiels to that IP, it doesn't work, I guess the domain it returns is the domain of the Apache or proxy server. Is there a workaround for the domain to be checked against the HHTP_X_FORWARDED instead of the IP_ADDRESS ???
Any help or pointers is welcome...
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Nicolas LAURANCE writes:
I have a zope hosted behind apache and virtual monster When i need the ip address of a visitor I use HTTP_X_FORWARDED_FOR Don't.
Go to <http://www.dieter.handshake.de/pyprojects/zope> Look for "Patches --> VirtualHostMonster - RemoteAddr patch". Dieter
Is there any chance this will make it into core zope VHM/SiteAccess? It's insanely useful, and doesn't appear to break anything... KJL On Fri, 2002-12-06 at 08:36, Dieter Maurer wrote:
Nicolas LAURANCE writes:
I have a zope hosted behind apache and virtual monster When i need the ip address of a visitor I use HTTP_X_FORWARDED_FOR Don't.
Go to
<http://www.dieter.handshake.de/pyprojects/zope>
Look for "Patches --> VirtualHostMonster - RemoteAddr patch".
Dieter
On Friday 06 December 2002 12:49 am, KevinL wrote:
Is there any chance this will make it into core zope VHM/SiteAccess? It's insanely useful, and doesn't appear to break anything...
A different change is proposed for 2.7. http://dev.zope.org/Wikis/DevSite/Proposals/RemoteAddrAndAccelerators
participants (5)
-
Ausum Studio -
Dieter Maurer -
KevinL -
Nicolas LAURANCE -
Toby Dickenson