[Zope] Access Permission by Domain and without Login?

Jens Vagelpohl jens at dataflake.org
Mon Jun 14 11:10:29 EDT 2004


Those can be spoofed as well. There's no increased security there.

jens

On Jun 14, 2004, at 10:57 AM, Passin, Tom wrote:

> I asked for suggestions on restricting access to otherwise
> anonymously-accessable pages and methods.  It has been pointed out to 
> me
> off line that that restriction by domain *name* can have security
> problems.  But my terminology was misleading, becaues that is not quite
> what I had in mind.
>
> I am asking about restriction by specific IP number ranges, like
> 140.90.*.*, not by domain *name*.
>
> Cheers,
>
> Tom P
>
>>
>> For a Zope 2.7/Plone 2 site, I would like to restrict
>> (otherwise) anonymous access to certain specific pages or
>> methods to people making the request from specific domains.
>> I know that I can specify a domain for a particular user, but
>> I want this to apply to anyone, without any special per-user
>> configuration, and without requiring a login.
>>
>> Also I want to do this without putting Zope behind Apache or
>> any other proxy, if this is possible.
>>
>> I don't recall seeing this discussed.  Does anyone have
>> suggestions as to how to accomplish this?
>
> _______________________________________________
> Zope maillist  -  Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://mail.zope.org/mailman/listinfo/zope-announce
>  http://mail.zope.org/mailman/listinfo/zope-dev )




More information about the Zope mailing list