On 1/5/11 2:14 PM, Izak Burger wrote: > We wrote something like that for a client once. It eventually ended up > in my hands and was eggified and pypified. Its called > Products.PASIPAuth and its on pypi. I'm certain it has plenty of room > for improvement :-)
I will check it out, thank you! > > It contains code to fetch the remote ip from the x-forwarded-for header > squid should insert. I have no idea how it will play with other > proxy/accelerators. Also, without something like squid that manages this > header, someone can easily bypass your security by inserting this header > with a spoofed ip address. So be aware. What about with no proxy/accelerator? I.e. just apache or nginx. In this case it is much easier, I assume. > It even understands CIDR netmasks, so you can say that 192.168.0.0/24 > are all "john" if you want to. Nice, does it have a UI? If not that's probably on the client's wish list (even though it's probably not necessary; could probably get away with a config file). Alex > > regards, > Izak -- Alex Clark · http://aclark.net Author · http://aclark.net/admin _______________________________________________ Product-Developers mailing list [email protected] http://lists.plone.org/mailman/listinfo/product-developers
