consensus? User-Agent: Wanderlust/2.5.8 (Smooth Criminal) SEMI/1.14.3 (Ushinoya) FLIM/1.14.2 (Yagi-Nishiguchi) APEL/10.3 MULE XEmacs/21.4 (patch 1) (Copyleft) (i386-debian-linux) Reply-To: [EMAIL PROTECTED] MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: text/plain; charset=US-ASCII Hello. I have put together a patch (see below) which adds the necessary support for performing user authentication based on domain (and logging) if your zope server is hiding behind apache+mod_proxy+mod_proxy_add_forward. I noticed a posting to zope-dev early this year regarding apache ProxyPass and SiteAccess http://aspn.activestate.com/ASPN/Mail/Message/zope-Dev/479449 Has there been any further discussion or consensus on this issue? regards, - joe n. *** Zope-2.4.1-src/ZServer/HTTPServer.py Wed Aug 8 22:04:32 2001 --- zope-2.4.1/ZServer/HTTPServer.py Tue Sep 25 12:01:55 2001 *************** *** 294,299 **** --- 294,315 ---- if value and not env_has(key): env[key]=value env.update(self.env_override) + + # set REMOTE_ADDR_X and REMOTE_HOST_X + if env_has('HTTP_X_FORWARDED_FOR'): + # only fetch last addr -- appended by mod_proxy_add_forward + remote_addr_x = strip(split(env['HTTP_X_FORWARDED_FOR'], ",")[-1]) + if remote_addr_x != '': + env['REMOTE_ADDR_X']=remote_addr_x + # If we're using a resolving logger, try to get the + # remote host from the resolver's cache. + if hasattr(server.logger, 'resolver'): + dns_cache=server.logger.resolver.cache + if dns_cache.has_key(env['REMOTE_ADDR_X']): + remote_host_x=dns_cache[env['REMOTE_ADDR_X']][2] + if remote_host_x is not None: + env['REMOTE_HOST_X']=remote_host_x + return env def continue_request(self, sin, request): *** Zope-2.4.1-src/ZServer/medusa/http_server.py Tue Jul 3 04:45:22 2001 --- zope-2.4.1/ZServer/medusa/http_server.py Tue Sep 25 12:29:08 2001 *************** *** 284,291 **** else: name = t[0] self.channel.server.logger.log ( ! self.channel.addr[0], ' - %s [%s] "%s" %d %d "%s" "%s"\n' % ( name, self.log_date_string (time.time()), --- 284,295 ---- else: name = t[0] + channel_addr=self.get_header('X-Forwarded-For') + if channel_addr: channel_addr = string.strip(string.split(channel_addr, +",")[-1]) + if not channel_addr: channel_addr = self.channel.addr[0] + self.channel.server.logger.log ( ! channel_addr, ' - %s [%s] "%s" %d %d "%s" "%s"\n' % ( name, self.log_date_string (time.time()), *** Zope-2.4.1-src/lib/python/AccessControl/User.py Sat Aug 4 22:49:26 2001 --- zope-2.4.1/lib/python/AccessControl/User.py Tue Sep 25 12:00:54 2001 *************** *** 1039,1048 **** if len(spec) == 1 and spec[0] == '*': return 1 ! if request.has_key('REMOTE_HOST'): host=request['REMOTE_HOST'] ! if request.has_key('REMOTE_ADDR'): addr=request['REMOTE_ADDR'] if not host and not addr: --- 1039,1052 ---- if len(spec) == 1 and spec[0] == '*': return 1 ! if request.has_key('REMOTE_HOST_X'): ! host=request['REMOTE_HOST_X'] ! elif request.has_key('REMOTE_HOST'): host=request['REMOTE_HOST'] ! if request.has_key('REMOTE_ADDR_X'): ! addr=request['REMOTE_ADDR_X'] ! elif request.has_key('REMOTE_ADDR'): addr=request['REMOTE_ADDR'] if not host and not addr: _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
