[Zope] applying domain access restrictions to all users

Danny William Adair danny@adair.net
Fri, 14 Sep 2001 15:06:39 +1200


Hi Richard,

Not really out-of-the-box, but there is a very easy (and purely Zope) 
solution for that:

In the folder you want to restrict access to, put a Python Script as an 
"access_rule" (see the "SiteAccess 2" product, included in Zope 2.30+ 
http://www.zope.org/Members/4am/SiteAccess2) and inside that Script take a 
look at REQUEST['REMOTE_ADDR'], and do whatever is needed if e.g. you don't 
like someone's remote address.

Of course, you don't get the comfort of .htaccess "from all" and these kind 
of things, but some simple string juggling will let you do exactly the same 
thing.

Maybe you want to take a look at the "domainSpecMatch(spec, request)" 
function in lib/python/Access Control/User.py, it does the matching for 
Zope's domain restrictions concerning individual users.

hth and isn't too short,
Danny

At 22:14 13/09/2001 +0200, Dieter Maurer wrote:
>Richard Barrett writes:
>  > I know that with the stock Zope UserFolder it is possible to restrict the
>  > IP domains from which each user is allowed to "log in" but is there any
>  > standard method for restricting the IP domain that is applied to all user
>  > trying to access a URL on a Zope server. Let me be specific: does Zope
>  > provide a direct analogue for putting what follows in an .htaccess 
> file of
>  > an Apache served directory?
>  >
>  > <Limit GET>
>  > order deny,allow
>  > deny from all
>  > allow from .mydomain.co.uk
>  > </Limit>
>Zope does not support this.
>But you can put Zope behind Apache....
>
>
>Dieter
>
>_______________________________________________
>Zope maillist  -  Zope@zope.org
>http://lists.zope.org/mailman/listinfo/zope
>**   No cross posts or HTML encoding!  **
>(Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )