[Zope3-Users] zope 3 apache and SSL
C. H.
c at kikazi.com
Sun Aug 26 20:46:00 EDT 2007
I've determined a method to of solving my problem using the
2 include files that I show below in the event that it may give
someone else struggling with the same problem a place
to start:
# First I made all content on the site accessible only through the
# secure server.
<VirtualHost your_host_internet_address:80>
ServerName sasa.local
DocumentRoot /var/www/empty
RedirectPermanent / https://sasa.local/
</VirtualHost>
# Then include the rewrite rule for the zope site in the same virtual
host
# definition as the secure server
Listen 443
NameVirtualHost *:443
<VirtualHost _default_:443>
ServerName sasa.local
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/ca.crt
SSLCertificateKeyFile /etc/httpd/ssl/ca.key
ServerName sasa.local
CustomLog "/var/log/httpd/sasa-access.log" combined
ErrorLog "/var/log/httpd/sasa-error.log"
LogLevel warn
ServerSignature On
RewriteEngine On
RewriteRule ^/files/(.*) - [L]
RewriteRule ^/wcsite(/?.*) \
http://localhost:8080/wcsite/++vh++https:%{SERVER_NAME}:443/
wcsite/++$1 [P,L]
</VirtualHost>
On Aug 21, 2007, at 4:07 PM, C. H. wrote:
>
>
> Is the cannonical technique for setting up a zope 3 instance behind
> an apache server with SSL activated documented in detail anywhere?
>
>
> Here's what I've tried (actually, I tried about 10**3 other things,
> but
> this was the first and, I think the most sensible):
>
> I have a zope 3 instance with a PAU configured with
> No Challenge if Authenticated
> Session Credentials
> Zope Realm Basic-Auth
>
> If I disable SSL in my apache server, and configure a virtual host
> as follows, access is fine using xmlrpc (http://
> user:pass at sasa.local/rfolder/r1)
> and when using a browser to access http://sasa.local/rfolder/r1 I'm
> presented
> a login form (as expected). Life is good:
>
> <VirtualHost *>
> ServerName sasa.local
> ServerAlias sasa.local *.sasa.local
> DocumentRoot "/home/zwc/"
>
> CustomLog "/var/log/httpd/sasa-access.log" combined
> ErrorLog "/var/log/httpd/sasa-error.log"
> LogLevel debug
> ServerSignature On
>
> RewriteEngine On
> RewriteRule ^/files/(.*) - [L]
> RewriteRule ^/(.*) \
> http://localhost:8080/wcsite/++vh++http:%{SERVER_NAME}:80/+
> +/$1 [P,L]
> </VirtualHost>
>
> However, if I enable SSL in apache and configure a virtual host (by
> changing
> the rewrite rule) as follows, access is still fine using xmlrpc but
> I get the error
> "You don't have permission to access /@@loginForm.html on this
> server."
> when I attempt to access (http://sasa.local/rfolder/r1) using a
> browser
>
> <VirtualHost *>
> ServerName sasa.local
> ServerAlias sasa.local *.sasa.local
> ServerAdmin c at kikazi.com
> DocumentRoot "/home/zwc"
>
> CustomLog "/var/log/httpd/sasa-access.log" combined
> ErrorLog "/var/log/httpd/sasa-error.log"
> LogLevel debug
> ServerSignature On
>
> RewriteEngine On
> RewriteRule ^/files/(.*) - [L]
> RewriteRule ^/(.*) \
> http://localhost:8080/wcsite/++vh++https:%{SERVER_NAME}:443/
> ++/$1 [P,L]
> </VirtualHost>
> ~
>
>
>
>
> _______________________________________________
> Zope3-users mailing list
> Zope3-users at zope.org
> http://mail.zope.org/mailman/listinfo/zope3-users
More information about the Zope3-users
mailing list