[Zope] Apache Authentication Problem

Jean-Francois.Doyon at CCRS.NRCan.gc.ca Jean-Francois.Doyon at CCRS.NRCan.gc.ca
Wed Aug 11 11:56:19 EDT 2004


I do much of the same thing, although I don't worry about authentication,
since anonymous access is OK in my case.

Jim's option is one, another would be to see if you can write something that
could check Zope credentials, to kind of mimick mod_auth and related
standard Apache modules.  I suppose this could be a combination of
mod_python and ZClient for example.

J.F.

-----Original Message-----
From: zope-bounces at zope.org [mailto:zope-bounces at zope.org]On Behalf Of
Jim Kutter
Sent: August 11, 2004 8:56 AM
To: Will Smith
Cc: zope at zope.org
Subject: RE: [Zope] Apache Authentication Problem


Will - 

This is an issue we've had as well.

One thing I would suggest trying is to develop some layer either on top
of zope that handles the requests to download the files.

An external method or even a Zope Product which reads files off a
non-web accessible path, then feeds the data to the web client would
suffice. However the benefits of having Apache serve the files is lost.

-jim

-----Original Message-----
From: Will Smith [mailto:witisi at yahoo.com] 
Sent: Tuesday, August 10, 2004 11:14 AM
To: zope at zope.org
Subject: [Zope] Apache Authentication Problem


We currently have an applition that uses apache to serve alot of large 
files out of the filesystem (650MB each).  I would like to convert the 
web interface over to zope to unify our site.  I would prefer to keep 
the large files in the filesystem, primarily because we already have 
tools to manage them there.  I also am very comfortable with apache 
serving these large files, and really do not wish to put this task up to

the ZServer.

I currently have zope setup behind a VM in apache.  I have created a 
simple product that lists the files and creates the links to the files 
served by apache.  I am able to integrate this info into our site very 
nicely.

Problem...

Since zope is not serving the files, I cannot prevent users from 
accessing them.  I can control access to the links, but if you cut and 
paste the URL apache will server them to anyone, without even logging 
into zope.

Any Ideas?

Thanks,

Will Smith

_______________________________________________
Zope maillist  -  Zope at zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )

271 North Avenue
Suite 1210
New Rochelle, NY 10801

ebizQ Links
Webinars  http://www.ebizq.net/webinars/?campaign=exchange
White Papers http://www.ebizq.net/white_papers/?campaign=exchange


_______________________________________________
Zope maillist  -  Zope at zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )


More information about the Zope mailing list