[Zope] Restricting access via IP address?
Paul Browning
paul.browning@bristol.ac.uk
Mon, 26 Apr 1999 11:13:49 +0100 (British Summer Time)
My thanks to Kent Polk for reminding me where I'd
seen the bit in the Manager's Guide which allows
you to use Zope's built-in security mechanisms by setting
the 'Domain' rules for an acl_users user name (you need
to set a dummy user for this purpose).
Thanks also to Rob Page who (off list) took time out
to show me how to do it "manually". I append Rob's
DTML code.
Paul
--
The Library, Tyndall Avenue, Univ. of Bristol, Bristol, BS8 1TJ, UK
E-mail: paul.browning@bris.ac.uk URL: http://www.bris.ac.uk/
One of many ways to do this would be to break apart the IP address with
something like:
<!--#var standard_html_header-->
<!--#comment-->
Display the remote address just for fun...
<!--#/comment-->
<!--#var REMOTE_ADDR-->
<!--#comment-->
This next statement takes the REMOTE_ADDR
variable and breaks it into four tokens using
the period as the split character. The result
is an array called IP_Address_Octets. This array
is then stuffed into the address space of the
REQUEST making it available later in this
document.
<!--#/comment-->
<!--#var expr="REQUEST.set('IP_Address_Octets',
_.string.split(REMOTE_ADDR,'.'))" fmt=""-->
<!--#comment-->
Show what we just did
<!--#/comment-->
<!--#var IP_Address_Octets-->
<!--#comment-->
Now we can compare the four elements to something
we're testing for...
<!--#/comment-->
<!--#if expr="IP_Address_Octets[0] == '137' and IP_Address_Octets[1] ==
'222'"-->
<P>Octet 1 and 2 are localhost</P>
<P>You can see this</P>
<!--#else-->
<!--#var permission_denied_message-->
<!--#/if-->
<!--#var standard_html_footer-->