[Zope] How to prevent web access to specific folder ?
Dieter Maurer
dieter at handshake.de
Sat Oct 8 06:14:19 EDT 2005
Vladimir Petrovic wrote at 2005-10-6 17:44 +0300:
> ... restricting Web Publishing in specific folders ...
>I know this can be done by restricting View/Access Contents information
>privileges for folders/scripts to the specific role and then giving DTML
>methods proxy role. But, is there any other easier methods ?
There may be several alternative options:
* an "AccessRule"
Two potential problems:
- they can be deactivated by the incomming request
(but you can comment out the deactivating code)
- authentication has not yet taken place;
the user identity is not yet known
* a "Post-Authentication-Hook"
I think (but I am not sure) that Zope 2.8 has implemented them.
If not, my Zope page contains a patch (for older Zope versions,
will not work out of the box for Zope 2.8) for
a "Post-Authentication-Hook" implementation.
<http://www.dieter.handshake.de/pyprojects/zope>
--
Dieter
More information about the Zope
mailing list