adam schrieb: > Basically i have created a CMS. There is the CMS itself which is > secure and is accessed by > > www.example.com/login > > then there is the actual viewing of the web pages > > www.example.com > > I was just seeing if it would be easy to add in sub domains and keep > clean simple URL's ect.
Well, it causes all kinds of problems because URLs without full hostnames (as they are usually rendered by TG) are not working anymore. And especially for resources, this causes a problem. I'd say unless you are under a strict requirement to do it, better don't bother. You can however rather easily protect e.g. certain namespaces (/admin or some such) by the apache, and e.g. restrict access to them to certain IP-ranges. We do that for our admin-pages. This gives an additional layer of security, of course we also protect the controllers using our own tgext.simpleauth authorization middleware (which is similar to repoze.wh*) Diez --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
