<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<div><span class="555342323-15022006"><font face="Arial" size="2">We're
running Plone for internal departmental use. I'm going to lock down
most of the content, requiring a login to view sensitive documents. But
I also want our Google Mini appliance to crawl all content. The problem
is that the appliance does not accept cookies. So Plone and Zope don't
recognize a user account as the crawler attempts to move through links.</font></span></div>
<div><span class="555342323-15022006"></span> </div>
<div><span class="555342323-15022006"><font face="Arial" size="2">I am
thinking of granting
the Google Mini appliance "transparent" access by reading the http
headers of incoming requests and granting access if:<br>
</font></span></div>
<div><span class="555342323-15022006"><font face="Arial" size="2"> -
the header includes the correct client string <br>
AND</font></span></div>
<div><span class="555342323-15022006"><font face="Arial" size="2"> -
The IP address of the requesting machine is owned by the Google Mini
host.<br>
</font></span></div>
<br>
<div><span class="555342323-15022006"><font face="Arial" size="2">Questions:<br>
<br>
1) Is this approach viable? (What are the pitfalls?)<br>
<br>
2) What python module is consulted to determine access rights when a
page request is made?<br>
<br>
2) Is this difficult to implement if one has rudimentary Python skills?
(Or is there already sample code out there to do something like this? I
couldn't find any.)<br>
</font></span></div>
</body>
</html>