[Zope] Can ZServer or ZPublisher be coaxed to return port 80 response..??

Eric.Roby Eric.Roby at noaa.gov
Sat Jan 14 08:46:14 EST 2006


We have a new firewall and firewall guru...  He wants the firewall to 
handle and route port 80/443 requests to pound instances running on port 
8080 and 8443.  Whereby pound routes said requests to appropriate 
back-end Zope servers (running on other high-end ports).  Obviously - in 
this new scenario - Zope will return requests with the 8080 and 8443 
ports attached to the response URL.  He wants Zope to respond, in-kind, 
with URLs re-written to port 80 and 443.  I have tried messing with Site 
Access (messing with SERVER_URL in the REQUEST) and can strip out the 
8080 and replace with 80, but there are side effects and this just 
doesn't seem right.

Is there a saner way, possibly within the zope.conf config items (like 
CGI)  or some other deep "ZopeZen" magic that can address this or would 
it require some deep patching  ..??

Certainly Apache (re-write) between pound and Zope would probably 
address this but that seems kinda silly...

Yes - we had a very nice, clean, simple setup before with pound running 
on the low ports, however, there seems to be concerns (now) that pound 
is a security risk running on low ports in our DMZ.  I recommended 
RootJail but it seems he is insisting on pushing this new scenario.

Any suggestion(s) or points to docs greatly appreciated..

Long time Zope user....

TIA

Eric


More information about the Zope mailing list