[Zope] - Zope and SSL

Andreas Kostyrka andreas@ag.or.at
Sat, 12 Dec 1998 12:39:58 +0100 (CET) 

On Sat, 12 Dec 1998, Ronald Offerman wrote:

> > On Fri, 11 Dec 1998, Ronald Offerman wrote:
> > 
> > > I can run a secure Zope using pcgi and Apache-SSL. Anyone know of a way how to 
> > > have ZopeHTTPServer do SSL?
> > Use mod_proxy with Apache-SSL. For example:
> > RewriteEngine on
> > RewriteRule ^/intern(.*)        http://127.0.0.2:5000$1 [P]
> What is the advantage over running Zope using pcgi and Apache-SSL?
> I already use Apache Redirect for some secure parts of current websites, any 
> advantage using the ReWriteEngine over Redirect? (besides it being invisible 
> to the user)
The ReWriteEngine can do redirects too :)
When I remember right, its:
RewriteRule ^/intern(.*)        https://somehost/$1 [R]

The advantages compared to pcgi:
-) BHS is multithreaded. Not much use with Zope, but important for my
   stuff :). pcgi at the moment is being developed to be concurrent.
-) pcgi processes run as the Webserver user, so you are limited to uid
   management a la Apache. BHS runs as the user it is started :)
   With some small patches to BHS one could even run it as root to allow
   remote as-root administration of a box.

The proxy stuff has the advantage, that you can hide the real http
interface somewhere on the inside (I like to create IP aliases for the
loopback device *g*), and all accesses must go trough the external
gateway.

> > 
> > This assumes two things:
> > -) You have an 127.0.0.2 lo:0 alias active ;)
> > -) You have a patched BoboHTTPServer.py running there.
> No problem to setup on our servers.
> > 
> > > I don't want to allow management over insecure channels so is it possible to 
> > > use a rewrite/URL refresh rule in Zope for /manage (it should redirect to 
> > > https:)
> > That's another thing I've been thinking about:
> > -) BoboHTTPServer when running in nonssl mode should map the Non-Auth
> >    error code to another error code -> When accessing the http:// url
> >    the user isn't even prompted for an username/password :)
> What do you intend to accomplish doing this?
Easy. Take a site X, you could have http://X/ and https://X/ with the same
content. Now some functions require user authentication -> But the
credentials NEVER EVER should be send in clean, ...

So by killing the ``Not authorized'' (401?) error code, the user never
even gets the possibility to enter a password when working in the clear :)
Which should be a strong reminder to switch over to the secure server :)

Andreas
-- 
Win95: n., A huge annoying boot virus that causes random spontaneous system
     crashes, usually just before saving a massive project.  Easily cured by
     UNIX.  See also MS-DOS, IBM-DOS, DR-DOS, Win 3.x, Win98.