[Zope] Re: [Zope-DB] How to prevent the manage from outer
connections ?
Dieter Maurer
dieter at handshake.de
Fri Jul 23 15:53:02 EDT 2004
fowlertrainer at anonym.hu wrote at 2004-7-23 08:36 +0200:
>...
>It is an intranet site, but some functions are needed to access from
>"outernet".
>
>I don't want to anyone manage my site from outside.
>How to prevent these requests ?
A "PostAuthenticationHook" might help you.
In such a hook, you can check whether the current user
has a "Manager" role and raise "Unauthorized" when it comes
from outside your intranet.
Zope does not support "PostAuthenticationHooks" out of the box
(I think, at least).
But there are two implementations around: one is in the Zope collector,
the other is on my Zope page
<http://www.dieter.handshake.de/pyprojects/zope>
--
Dieter
More information about the Zope
mailing list