[Zope] zope access to external files
Dylan Reinhardt
zope@dylanreinhardt.com
Tue, 04 Mar 2003 11:42:36 -0800
At 10:37 AM 3/4/2003, Ricardo Anguiano wrote:
>The files will be updated nightly. The distinction between static
>files which are updated often and dynamic content has never been clear
>to me. The files are large so I don't want to stick them into the
>zope db.
To some degree that's an academic question.
My $.02 would be that any content that remains static between updates is
static, regardless of how often that process occurs.
Content should be regarded as dynamic when it changes or works differently
depending on state or environment.
> > If so, I'd recommend putting Apache in front of Zope and letting
> > Apache handle it with a RewriteRule like:
> >
> > RewriteRule ^/files/(.*) /home/httpd/mysite/files/$1 [L]
> >
> > It doesn't get much easier than that. ;-)
>
>True, but this option was rejected because there was no
>authentication. We could do a .htaccess thing, but we are already
>using zope and it already does users nicely.
True enough. It's possible to get Apache to do authorization and pass
through authentication to Zope, but I've not tried it.
One old reference that may help is here:
http://lugwash.washtenaw.cc.mi.us/linux-users/199907/0078.html
Obviously, you're probably not using Zope.cgi, but I expect that this can
be adapted to VHM pretty easily.
But this might not be the *easiest* solution for one-stop TTW management...
localfs is probably that solution
> > > I want to be able to say, "The contents of directory X are
> > > available only to user Y."
> >
> > This isn't a great idea, for the most part. If you're looking for
> > more than trivial security, I wouldn't volunteer information like
> > that.
>
>Hmm. I don't understand. Zope provides lots of control over users,
>roles and content. Are you saying I should ignore that framework and
>use something else?
I'm suggesting that giving unauthorized people clues how to crack your
security is a mistake in any environment... Zope included.
But maybe I'm just paranoid. :-)
Dylan