[Zope] apache authentication with proxy -- remote user mode

Adam Manock abmanock@earthlink.net
Fri, 23 Aug 2002 10:12:36 -0400


>
>
>... and it works, but that can only be a temporary solution.
>the problem is that if i do this, users can easily be faked by just using 
>another apache proxy which authenticates users with the same name.
>therefore a domain restriction needs to be applied.

This temporary solution can be made more secure by using your favorite of 
ipchains/iptables/pf/ipfilter/similar on the Zope box to allow access to 
the Zope port from your Apache a.b.c.d/32 proxy address only.
You can still access Zope directly if necessary by port forwarding over SSH 
or similar.

Adam