[Zope] Virtual host admin under Apache+ZServer+SiteAccess
J M Cerqueira Esteves
jmce@artenumerica.com
Fri, 2 Jun 2000 04:45:21 +0100
On Thu, Jun 01, 2000 at 06:18:25PM -0600, ethan mindlace fremen wrote:
> o Some basic hooks to support virtual hosting (a la
> SiteAccess) have been designed and will be added
> to allow product authors to write virtual hosting
> support without fragile dependencies on parts of
> the Zope core.
Greetings
For security reasons, I would like to do web administration of remote Zope
installations via ssh port forwarding. For instance, while running
ssh -g -L 8080:foo.bar:8080 foo.bar
one can access a ZServer on foo.bar:8080 using http://localhost:8080/.
However, I'm using Apache with ZServer and SiteAccess for virtual
hosting as documented in http://www.zope.org/Members/anser/apache_zserver,
and this has a nasty implication: once I activate a SiteRoot inside some
Zope folder "/parrot" for making it the top folder of a virtual host
http://parrot.bar/, the use of URLs under http://parrot.bar/ is forced
whenever administering content under the "/parrot" folder, even if
arriving from a foo.bar:8080 document: the browser is then no longer
connecting through the secure channel but talking directly with
http://parrot.bar/. Of course this could also be redirected, but not so
easily.
In this example, it would be nice to be able to administer the contents
of http://parrot.bar/ either via parrot.bar (typically for less
sensitive content, end users) or via foo.bar:8080 (more delicate
administrative tasks, administrators which know how to encrypt
communication with ssh). Is there interest (or is it feasible) to make
virtual hosting support evolve to allow this? (I didn't think much
about the implications, but can already notice a problem under the
virtual hosting strategy above (ZServer+Apache): how to make Zope
"guess" if it should write absolute URLs for parrot.bar or for foo.bar:8080?)
Even better would be web content administration under SSL, of course :)
jmce: +351 919838775 ~ http://artenumerica.com/ ~ http://artenumerica.org/