[Zope-CMF] Simple?!? Authorization Problem
Marc Fischer
marcbpc@gmx.de
Thu, 13 Sep 2001 09:27:29 +0200 (MEST)
Hi Christoph,
Thanks for your note.
I just have installed appache in front of zope an use proxypass in order to
get apache behave like a proxy.
look at: http://www.zope.org/Members/anser/apache_zserver
It really works fine. There are just two problems. First of all, ... how
could I prevent that people don't use the "apache-way" to get into the intranet,
if they go directly to the zope server. (But I think, thats possible If I
restrict the access to zope only from the localhost, isn't it?)
The second and in my opinion the bigger problem is, if I protect the apache
proxy path with a password I get access to Zope. Thats ok, but If I try to
call the .../manage method to manage the zopeserver through apache I get
another password check. (This time from zope). If I insert my zope admin password,
I am not longer authorized to access the apache proxy. ... and so on :-(
Hopefully you understand my question, If not, I will send you a Mail in
german :-)
> Marc,
>
> why donīt you do this outside (before) Zope - either via
> .htaccess, or a login
> outside the Zope environment (perl/php and mysql-user-database)?
>
> Or you use a double firewall system which is far more secure, and
> place the server in
> a "neutralized" zone.
>
> Cheers,
> Christoph
>
> Marc Fischer wrote:
>
> > Hi,
> >
> > I have just a little problem ... (hopefully :-)
> > I am developing an Intranet based on cmf. Everything works fine
> ... those
> > people of our firm who want to publish their own content are
> able to join and
> > do it. Other do not need a member account and just read some content.
> >
> > Now I want to protect the Intranet with first of all one global
> password,
> > that everyone of the firm knows. But how? After you access the
> site with this
> > global account, you are in a member like role, and it is not
> possible to join
> > anymore, because you are logged in the portal?
> >
> > Does someone understand my question? I just want to protect the
> CMF Portal
> > with a password and after passing this, you should be in an
> anonymous-like
> > role, so that you can still join and get your own account!
> >
> > Thanks in advance ...
> >
> > Marc
> >
> > PS: Please tell me if my question is to much confusing!
--
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net