-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marc Schnapp wrote: > We're running Plone for internal departmental use. I'm going to lock > down most of the content, requiring a login to view sensitive documents. > But I also want our Google Mini appliance to crawl all content. The > problem is that the appliance does not accept cookies. So Plone and Zope > don't recognize a user account as the crawler attempts to move through > links. > > I am thinking of granting the Google Mini appliance "transparent" access > by reading the http headers of incoming requests and granting access if: > - the header includes the correct client string > AND > - The IP address of the requesting machine is owned by the Google Mini > host. > > Questions: > > 1) Is this approach viable? (What are the pitfalls?) > > 2) What python module is consulted to determine access rights when a > page request is made? > > 2) Is this difficult to implement if one has rudimentary Python skills? > (Or is there already sample code out there to do something like this? I > couldn't find any.)
Such a policy would be trivial to implement in using the ScriptablePlugin within a PluggableAuthenticationService user folder. Even in a "stock" user folder, if you know the IP of the appliance, you can create a user and set the "domain" field to that IP, granting it the roles which allow it to view the site: as long as nobody else can spoof that IP, you should be fine. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 [EMAIL PROTECTED] Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFD9AUY+gerLs4ltQ4RAnAgAKCn1lhuY8UfdH1xj18ycuTgqGhzHgCg1ALi Za9/wpDb04vRTncZiQrr7S0= =UFug -----END PGP SIGNATURE----- _______________________________________________ Zope maillist - [email protected] http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
