Marc Schnapp wrote:
We're running Plone for internal departmental use. I'm going to lock down most of the content, requiring a login to view sensitive documents. But I also want our Google Mini appliance to crawl all content.


Google Mini can do http basic auth, right? If so, you're fine, just put in the basic auth details and define a user in acl_users. Provided the mini presents the credentials without first being challenged by a 401, you'll be fine...

1) Is this approach viable? (What are the pitfalls?)

I'd worry about headers being spoofed...

2) What python module is consulted to determine access rights when a page request is made?

The user folder, in your case it'll be the hell known as GRUF. Swap that out for the hell known as PAS ;-)

2) Is this difficult to implement if one has rudimentary Python skills?

Yes.

cheers,

Chris

--
Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk

_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to