Is the cannonical technique for setting up a zope 3 instance behind
an apache server with SSL activated documented in detail anywhere?


Here's what I've tried (actually, I tried about 10**3 other things, but
this was the first and, I think the most sensible):

I have a zope 3 instance with a PAU configured with
   No Challenge if Authenticated
   Session Credentials
   Zope Realm Basic-Auth

If I disable SSL in my apache server, and configure a virtual host
as follows, access is fine using xmlrpc (http://user:[EMAIL PROTECTED]/ rfolder/r1) and when using a browser to access http://sasa.local/rfolder/r1 I'm presented
a login form (as expected). Life is good:

<VirtualHost *>
    ServerName sasa.local
    ServerAlias sasa.local *.sasa.local
    DocumentRoot "/home/zwc/"

    CustomLog "/var/log/httpd/sasa-access.log" combined
    ErrorLog  "/var/log/httpd/sasa-error.log"
    LogLevel debug
    ServerSignature On

    RewriteEngine On
    RewriteRule ^/files/(.*) - [L]
    RewriteRule ^/(.*) \
http://localhost:8080/wcsite/++vh++http:%{SERVER_NAME}:80/++/ $1 [P,L]
</VirtualHost>

However, if I enable SSL in apache and configure a virtual host (by changing
the rewrite rule) as follows, access is still fine using xmlrpc but
I get the error
"You don't have permission to access /@@loginForm.html on this server."
when I attempt to access (http://sasa.local/rfolder/r1) using a browser

<VirtualHost *>
    ServerName sasa.local
    ServerAlias sasa.local *.sasa.local
    ServerAdmin [EMAIL PROTECTED]
    DocumentRoot "/home/zwc"

    CustomLog "/var/log/httpd/sasa-access.log" combined
    ErrorLog  "/var/log/httpd/sasa-error.log"
    LogLevel debug
    ServerSignature On

    RewriteEngine On
    RewriteRule ^/files/(.*) - [L]
    RewriteRule ^/(.*) \
http://localhost:8080/wcsite/++vh++https:%{SERVER_NAME}:443/+ +/$1 [P,L]
</VirtualHost>
~




_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users

Reply via email to