[Zope] securing webdav

[David Pratt]

Hi Sascha. I realize that you can forward a port this way but this 
requires providing server accounts to users in addition to zope 
accounts.  scponly is a product to remove other shell functionality - 
so you can hand out accounts in a more untrusted situation.  Either 
way, handing out server accounts is not something I favor.

I am looking for either for a proper zope solution or a way of using 
the apache proxy to accomplish this.  David is right, I have also seen 
very little about securing webdav outside of ZServerSSL and m2crypto.  
Anyone happy with the results? I am not even certain if it works with 
2.8.

What about sftp? Anyone using Zope Corp's sftp package that can 
comment? I believe twisted is in the mix for Zope3 and sftp.  Can 
anyone comment on this or whether this solution has some potential for 
Zope2.  I think the Zope Corp idea was twisted obtaining the data on 
port and supplying the data to zope in the background.

Regards,
David

On Saturday, September 24, 2005, at 08:39 AM, Sascha Ottolski wrote:

> Am Samstag, 24. September 2005 01:08 schrieb David Bear:
>> I run zope in back of apache, and let apache handle tls/ssl.
>>
>> In all the searching on zope.org <http://zope.org> though I haven't 
>> found
>> any documents on how to let apache handle securing webdav for zope as 
>> well.
>>
>> Anyone see/written such?
>
> depending on your situation, a ssh tunnel might be feasible; works 
> perfectly.
> small drawback is, you obviously have to open a ssh session first 
> (ssh-agent
> is your friend).
>
>
> Cheers, Sascha
> _______________________________________________
> Zope maillist  -  Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://mail.zope.org/mailman/listinfo/zope-announce
>  http://mail.zope.org/mailman/listinfo/zope-dev )
>