[Zope] Access Permission by Domain and without Login?
Jens Vagelpohl
jens at dataflake.org
Mon Jun 14 11:10:29 EDT 2004
Those can be spoofed as well. There's no increased security there.
jens
On Jun 14, 2004, at 10:57 AM, Passin, Tom wrote:
> I asked for suggestions on restricting access to otherwise
> anonymously-accessable pages and methods. It has been pointed out to
> me
> off line that that restriction by domain *name* can have security
> problems. But my terminology was misleading, becaues that is not quite
> what I had in mind.
>
> I am asking about restriction by specific IP number ranges, like
> 140.90.*.*, not by domain *name*.
>
> Cheers,
>
> Tom P
>
>>
>> For a Zope 2.7/Plone 2 site, I would like to restrict
>> (otherwise) anonymous access to certain specific pages or
>> methods to people making the request from specific domains.
>> I know that I can specify a domain for a particular user, but
>> I want this to apply to anyone, without any special per-user
>> configuration, and without requiring a login.
>>
>> Also I want to do this without putting Zope behind Apache or
>> any other proxy, if this is possible.
>>
>> I don't recall seeing this discussed. Does anyone have
>> suggestions as to how to accomplish this?
>
> _______________________________________________
> Zope maillist - Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
More information about the Zope
mailing list