If anyone here has the consulting expertise to help implement a
solution, please email me separately at m + schnapp + service + marc +
dot + com.
(See my elaborations below)
Chris Withers wrote:
Marc Schnapp wrote:
We're running Plone for internal departmental use. I'm going to lock
down most of the content, requiring a login to view sensitive
documents. But I also want our Google Mini appliance to crawl all
Google Mini can do http basic auth, right? If so, you're fine, just
put in the basic auth details and define a user in acl_users. Provided
the mini presents the credentials without first being challenged by a
401, you'll be fine...
1) The Google Mini does not accept cookies.
2) Plone barfs if you try tricks like adding a query string to URLs.
1) Is this approach viable? (What are the pitfalls?)
I'd worry about headers being spoofed...
I don't have to worry about headers being spoofed. The host lives in our
dedicated data center behind a VPN concentrator requiring RSA
authentication. No one gets to the box unless we already have cleared
them through two-phase authentication.
2) What python module is consulted to determine access rights when a
page request is made?
The user folder, in your case it'll be the hell known as GRUF. Swap
that out for the hell known as PAS ;-)
2) Is this difficult to implement if one has rudimentary Python skills?
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -