[Zope] How to prevent web access to specific folder ?

Chris Withers chris at simplistix.co.uk
Fri Oct 7 04:12:38 EDT 2005


Vladimir Petrovic wrote:
> I know this can be done by restricting View/Access Contents information 
> privileges for folders/scripts to the specific role and then giving DTML 
> methods proxy role. But, is there any other easier methods ?

That is the only sane way to do it..

> I've tried using access_rule, but the is to allow ZMI to work. At the time 
> when access_rule is called user is not authenticated, so I cannot 
> check if the current user is manager on not.

You might try something clunky with a rewrite rule on your front end 
proxy server, but I wouldn't trust that...

cheers,

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk



More information about the Zope mailing list