Will - This is an issue we've had as well. One thing I would suggest trying is to develop some layer either on top of zope that handles the requests to download the files. An external method or even a Zope Product which reads files off a non-web accessible path, then feeds the data to the web client would suffice. However the benefits of having Apache serve the files is lost. -jim -----Original Message----- From: Will Smith [mailto:witisi@yahoo.com] Sent: Tuesday, August 10, 2004 11:14 AM To: zope@zope.org Subject: [Zope] Apache Authentication Problem We currently have an applition that uses apache to serve alot of large files out of the filesystem (650MB each). I would like to convert the web interface over to zope to unify our site. I would prefer to keep the large files in the filesystem, primarily because we already have tools to manage them there. I also am very comfortable with apache serving these large files, and really do not wish to put this task up to the ZServer. I currently have zope setup behind a VM in apache. I have created a simple product that lists the files and creates the links to the files served by apache. I am able to integrate this info into our site very nicely. Problem... Since zope is not serving the files, I cannot prevent users from accessing them. I can control access to the links, but if you cut and paste the URL apache will server them to anyone, without even logging into zope. Any Ideas? Thanks, Will Smith _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) 271 North Avenue Suite 1210 New Rochelle, NY 10801 ebizQ Links Webinars http://www.ebizq.net/webinars/?campaign=exchange White Papers http://www.ebizq.net/white_papers/?campaign=exchange