[Zope] httpd.conf help
mindlace
mindlace@imeme.net
Wed, 22 Mar 2000 20:36:55 +0000
Erick Mechler wrote:
> - user starts at www.mydomain.edu (http)
> - user goes to www.mydomain.edu/internal which is secure (https) and
> requires a password for entry
> - all pages under www.mydomain.edu/internal are secure (https)
>
> I'm having trouble getting this to work with out Zope-ified site, however.
> What I would like is to have Apache handle all password authentication, and
> I would like it to happen over ssl. Is this possible at all?
>
> Any help would be appreciated.
Sure. I'm using mod_ssl and apache 1.3.12:
My conf is like this:
<VirtualHost 216.17.170.666:80>
ProxyPass / http://imeme.net:6666/
ProxyPassReverse / http://imeme.net:6666/
</VirtualHost>
<VirtualHost 216.17.170.666:443>
ProxyPass / http://imeme.net:6666/
ProxyPassReverse / http://imeme.net:6666/
ServerName imeme.net
ServerAdmin mindlace@imeme.net
ErrorLog /path/to/apache/logs/error_log
TransferLog /path/to/apache/logs/access_log
SSLEngine on
SSLCertificateFile /path/to/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /path/to/apache/conf/ssl.key/server.key
</VirtualHost>
I have zope actually running standalone on port 6666. Then I use
SiteAccess.
The access rule should look like this for you:
look for internal, then munge the result to be 0 if not found:
<dtml-if "1+(_.string.find(PATH_INFO, 'internal'))">
<dtml-call "REQUEST.set('SiteRootBASE','https://www.mydomain.edu')">
<dtml-else>
<dtml-call "REQUEST.set('SiteRootBASE','http://www.mydomain.edu')">
</dtml-if>
then you want to put a SiteRoot object in your root folder, leaving
everything as per default.
As long as your first links to /internal are written as https:// the
austhentification should be over ssl. The access rule makes sure any
dynamically generated URLs under /internal are written as https://
~ethan fremen
--
http://mindlace.net __________________ mindlace@imeme.net
I don't want The Truth but I wouldn't mind a Big Analogy.