But if you've got Apache ssl as well then it's more secure.<br><br>The problem I've found is that you can't put this in the httpd.conf unless it is wrapped in a <Directory></Directory> directive<br><br>AuthType Basic
<br>AuthName "Members Only"<br>AuthUserFile /path/to/.htpasswd<br>require valid-user<br><br>And the virutual host doesn't have a directory. If I were to place this in the zope root then I would password protect all the sites. I only wan't to password protect one etc.
<br><br><div><span class="gmail_quote">On 2/8/06, <b class="gmail_sendername">Andreas Pakulat</b> <<a href="mailto:apaku@gmx.de">apaku@gmx.de</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On 07.02.06 23:58:20, michael nt milne wrote:<br>> Also, just to say that I did a test on only letting authenticated and<br>> managers view the root page of the site over ssl. If you just cancelled the<br>> login box or closed it, the whole front page was displayed without any css
<br>> but you could still get all the content.<br><br>Then you had the proper rights somehow.<br><br>> I've had this quite a bit before so that's why I'm looking into Apache<br>> authentication. I just don't think that Zope authentication is secure.
<br><br>Authentication via .htpasswd uses the same HTTP method as the basic<br>login into Zope. It's not more or less secure than authenticating<br>directly with Zope.<br><br>Andreas<br><br>--<br>There is a 20% chance of tomorrow.
<br>_______________________________________________<br>Zope maillist - <a href="mailto:Zope@zope.org">Zope@zope.org</a><br><a href="http://mail.zope.org/mailman/listinfo/zope">http://mail.zope.org/mailman/listinfo/zope</a>
<br>** No cross posts or HTML encoding! **<br>(Related lists -<br> <a href="http://mail.zope.org/mailman/listinfo/zope-announce">http://mail.zope.org/mailman/listinfo/zope-announce</a><br> <a href="http://mail.zope.org/mailman/listinfo/zope-dev">
http://mail.zope.org/mailman/listinfo/zope-dev</a> )<br></blockquote></div><br><br clear="all"><br>-- <br>Michael