+-------[ Jonas Meurer ]---------------------- | Hey Andrew, | | thanks for your fast reply. | | On 04/07/2008 Andrew Milton wrote: | > | Is this a known issue? I consider that as a quite serious bug, as both | > | project1 and project3 might be private and should not be published over | > | the globally available apache rewriterule. | > | > Welcome to Acquisition 101. | > | > This is known behaviour, and in fact for most of us *wanted* behaviour. | > You will have to restructure your Zope to avoid this, or set appropriate | > permissions and acl_users to avoid cross-contamination of the sites. | | Oh, too bad ... | | How to deal with that '*wanted* behaviour' if I do have several public | projects on the same zope instance but don't want all of them being | accessible through the domain of every other project? For example two | competing projects/organisations might be hosted on one and the same | zope instance, and for sure project 'red' would hate it to make project | 'green' available through their domain via http://www.red.org/green.
You setup your folders with an acl_users (I assume they actually do have one). /projects/red/acl_users /projects/green/acl_users Set up "Green" role on green Set up "Red" role on red Uncheck 'Acquire' from the permissions. Remove Red permissions on green Remove Green permissions on red Make sure each user in the relevant project folder has the right role too. Then red.org/green would go /projects/red/green/ Assuming your username/password pair doesn't exist in both acl_users the red will authenticate you and give you the 'red' role which won't allow you to view the green folder. -- Andrew Milton [EMAIL PROTECTED] _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )