[Zope] Re: major problems placing authentication on an extranet site-security flaw?

Dario Lopez-Kästen dario at ita.chalmers.se
Tue Feb 14 07:59:07 EST 2006

michael nt milne said the following on 2006-02-14 12:30:
>>  As for the issue with IE6 and editing pages over SSL it all works fine
>>  in Firefox 1.5, so it's a browser issue which I just can't quite
>>  fathom just now.
>  >>I doubt it, my guess would still be that you're doing something wrong
> somewhere...
>  >>>Sorry but I don't agree on this one. I haven't altered any of the 
> Plone 'edit page' functionality. It's out of the box. Works fine without 
> SSL but on SSL trying to edit a page causes 'can't find server'. Firefox 
> though works perfectly viewing and editing so it's a browser issue. I 
> know of other people who have issues with IE and posting images over 
> SSL. Must be something to do with POST security over IE. I'm going to 
> take it up with them but don't expect too much of a response. I'm now 
> about to try with Opera.

This part is *only* about setting up the servers, apache and zope in 
this context, properly.

There is nothing in Zope that works differently when serving over ssl or 
not. SSL is just a transport layer, so it does *not* affect 
zope-capabilities in any way.

I am sure you know this, but since we have learned very little (or at 
least I have - maybe I am not paying attention well enough :-):

*HOWEVER*, IIRC, plone, especially on windows (if installed with the 
windows installer) uses a trick, which is not documented at all, as far 
as I know, uses a Site Access rule.

Have you modified that rule to take advantage of the SSL -server? 
Perhaps the SiteAccess rule is triggering adn trying to redirect you to 
an address/port where there is no service listeing?


-- -------------------------------------------------------------------
Dario Lopez-Kästen, IT Systems & Services Chalmers University of Tech.
Lyrics applied to programming & application design:
"emancipate yourself from mental slavery" - redemption song, b. marley

More information about the Zope mailing list