> From: Oliver Bleutgen <[EMAIL PROTECTED]>
>> Btw. with a small module it's even possible to log the usernames with
> apache,
>> something medusa isn't capabable of afaik (as of zope version < 2.3).

> Cool! What module is this, and how do you use it?

Heh, it's a apache-module written in perl called AuthAny that I leeched 
somewhere and it's sole purpose is to make apache think there's 
authentication going on so that he logs the names and to _require_
a username and password, but I think that is easily fixable if you want to 
allow anonymous logins.
I would describe that as a hack, but I wouldn't be able to
modify apaches itself for a more "correct" solution even when
my life depended on it.
I use this in http.conf

<Directory proxy:*>
    PerlAuthenHandler Apache::AuthAny
    AuthType Basic
    AuthName "Your Login..."
    AuthUserFile "/web/site/bogus_userfile.txt"
    require valid-user

Don't rember whether AuthUserFile is necessary, it may be
just an artifact of some other experiments.

AuthAny.pm is an amazingly complex (;-)) perl-module which 
has to be put into the right location, which is in Suse (7.0):


package Apache::AuthAny;
 # file: Apache/AuthAny.pm
 use strict;
 use Apache::Constants qw(:common);
 sub handler {
     my $r = shift;
     my($res, $sent_pw) = $r->get_basic_auth_pw;
     return $res if $res != OK;
     my $user = $r->connection->user;
     unless($user and $sent_pw) {
         $r->log_reason("Both a username and password must be provided", $r->filename);
         return AUTH_REQUIRED;
     return OK;

One note: Does anybody feel inspired to write a python module for
apache which hooks into zope's security mechanism and gives 
a possibility for simple authentication which is shared between
zope and apache? For instance authenticate a user iff he is 
allowed to access a certain "dummy" object.
That way one could easily manage access within zope
to files/scripts which are not inside the ZODB.


Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to