[Zope] Restrict users by IP?
Tino Wildenhain
tino@wildenhain.de
Thu, 01 Nov 2001 11:39:58 +0100
Hi Mathew,
--On Tuesday, October 30, 2001 09:06:15 -0500 "Matthew L. Wirges"
<wirges@cerias.purdue.edu> wrote:
> I've been trying to restrict users by IP (like in an apache .htaccess
> file) with Zope. This page,
> http://www.zope.org/Members/muesli/AuthByAddress,
> seemed like it would hold the answer. I tried this method but
> unfortunately I can't add a user with an IP with wildcards to the
> acl_users folder.
> E.G.
> Domain: 128.46.*
> or
> Domain: 128.46.*.*
>
> Anyone been able to do this?
I'm working on this problem for a while now (not continous during the
time : projects mismatch ;)
What I have so far are the mathematics objects for filtering IP-addresses.
Like this:
host=IPv4(REMOTE_ADDR)
FilterList=[IPv4CIDR('192.168.15.0/24'),IPv4CIDR('172.16.5.65/29')]
if host in FilterList:
giveAccess()
else:
denyAccess()
The problem is the backward-compatibility with this simple asterisc
approach which is built in now. I could change all the x.*, x.x.*
x.x.x.* patterns to x/8, x.x/16, x.x.x/24 (which is implemented
in the class already). But then, we have the hostnames. I'm open
to really good ideas here.
The remains of the algorithms are easy to implement.
You can have a look at it at
http://www.zope.org/Members/tino/IPPatternAuthentication/IPHelper.py
Regards
Tino