<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
<tt>Dieter Maurer wrote:</tt>
<blockquote cite="mid17063.13243.224820.228570@gargle.gargle.HOWL"
type="cite">
<pre wrap=""><tt>Nikko Wolf wrote at 2005-6-7 14:25 -0600:
</tt></pre>
<blockquote type="cite">
<pre wrap=""><tt>- I do not want ANY access by unauthorized users. Obviously they
must be able to reach a login page, and get instructions on how
to request an account, password reset, etc.
</tt></pre>
</blockquote>
<pre wrap=""><!----><tt>
Put all content in a subfolder of your site and
remove "View" and "Access contents information" from
"Anonymous".
</tt></pre>
</blockquote>
<tt>See previous post. Is there a current, good tutorial for securing
Plone from unauthorized use (SSL notwithstanding)?<br>
<br>
</tt>
<blockquote cite="mid17063.13243.224820.228570@gargle.gargle.HOWL"
type="cite">
<blockquote type="cite">
<pre wrap=""><tt>- Here's the complication -- each file will have potentially
multiple versions in process at once. Each version of a file
may have a different state, and I'd like to have a history of
all changes to each version as they go through the workflow.
</tt></pre>
</blockquote>
<pre wrap=""><!----><tt>
Indeed, a bit more complex.
I would model a "file" as a folder like structure containing
the various versions and give it the "right" behaviour.
</tt></pre>
</blockquote>
<tt>Currently, I've implemented scripts to do part of this -- although
I would not say I've "modeled" anything as much as simply "implemented"
scripts & ZPT to allow access in the manner needed.<br>
<br>
The issue is that there is no separation of workflow and content
view/actions, and there should be, since the workflow may change and
I'd like to use the workflow interface to handle those changes (if
possible).<br>
</tt><br>
<blockquote cite="mid17063.13243.224820.228570@gargle.gargle.HOWL"
type="cite">
<blockquote type="cite">
<pre wrap=""><tt>- Once a file/version is submitted for review, any of the reviewers
may work on it, it is not necessary that one role preceded the other,
but it is required that a user in each role approve the file.
</tt></pre>
</blockquote>
<pre wrap=""><!----><tt>
What does that mean?
Do you have "technical reviewer", "style revierwer", "aestetic reviewer",
... and require that at least one from each role approves?
</tt></pre>
</blockquote>
<tt>Something like that: someone from each role must approve the
version before it can be submitted for final editor approval (not
exactly footnotes to a bibliography added by different roles / experts
in a field, but that's similar). Hence, they will actually make minor
changes/additions before they approve.<br>
</tt>
<blockquote cite="mid17063.13243.224820.228570@gargle.gargle.HOWL"
type="cite">
<pre wrap=""><tt>
- We need to have good automated backup solution for the content
(as in mirroring the content on another host).
</tt></pre>
<pre wrap=""><!----><tt>
There is a commercial Zope.com solution.
We use mirrored disks and a high availablity cluster.
</tt></pre>
</blockquote>
<tt>Ah, the drawback of an opaque (and custom) data store. <br>
<br>
Instead I've got a cron script that will shutdown zope and backup the
entire directory tree. Soon I'll add a second script to pull these
files back from the DMZ for archival/storage.<br>
<br>
However my question is this -- is it necessary for me to shutdown zope
to snapshot the directory? Given the times of access, I'm *almost*
guaranteed that it's been idle for 1+ hours when I do this (famous last
words, though those may be).<br>
<br>
Knowing that zope is event-driven (and no sleeper thread):<br>
-- is there any consistency issues of backing up (Data.fs)<br>
without stopping?<br>
-- is there another feature of "zopectl" that would tell <br>
it to "sync" the DB to the file system? "help" gives:<br>
EOF fg kill quit run start test<br>
adduser foreground logreopen reload shell status wait<br>
debug help logtail restart show stop<br>
<br>
After some testing, I'll probably share the script & crontab
entries.<br>
</tt><br>
<blockquote cite="mid17063.13243.224820.228570@gargle.gargle.HOWL"
type="cite">
<pre wrap=""><!----><tt><blockquote type="cite"><pre wrap=""><tt>4) How does one secure a Zope+Plone site?</tt></pre></blockquote>
One uses HTTPS and standard authentication.
One tells the users that good passwords are essential.
One does not store clear text password.
</tt></pre>
</blockquote>
<tt>The content isn't important enough that I worry about anything that
even simple passwords and SSL can't prevent.<br>
<br>
I've looked but found no Zope SSL capabilities, s</tt><tt>o does this
requires placing Zope behind Apache, </tt><tt>right? <br>
Ref: <a class="moz-txt-link-freetext" href="http://www.zope.org/Members/simonb/howtos/Set%20Up%20SSL">http://www.zope.org/Members/simonb/howtos/Set%20Up%20SSL</a><br>
<br>
Thanks in advance,<br>
Nikko<br>
<br>
<br>
</tt>
</body>
</html>