[Zope] Access Permission by Domain and without Login?

Passin, Tom tpassin at mitretek.org
Mon Jun 14 10:57:48 EDT 2004


I asked for suggestions on restricting access to otherwise
anonymously-accessable pages and methods.  It has been pointed out to me
off line that that restriction by domain *name* can have security
problems.  But my terminology was misleading, becaues that is not quite
what I had in mind.  

I am asking about restriction by specific IP number ranges, like
140.90.*.*, not by domain *name*.

Cheers,

Tom P

> 
> For a Zope 2.7/Plone 2 site, I would like to restrict 
> (otherwise) anonymous access to certain specific pages or 
> methods to people making the request from specific domains.  
> I know that I can specify a domain for a particular user, but 
> I want this to apply to anyone, without any special per-user 
> configuration, and without requiring a login.
> 
> Also I want to do this without putting Zope behind Apache or 
> any other proxy, if this is possible.  
> 
> I don't recall seeing this discussed.  Does anyone have 
> suggestions as to how to accomplish this?



More information about the Zope mailing list