[Zope-dev] question: forcing https for authentication

Jamie Heilman jamie@audible.transient.net
Thu, 16 Jan 2003 18:04:46 -0800


> And it's clearly worse performance wise for the typical use case,
> because you now get a load of rewrite stuff for any URI which has to
> be processed.

Using mod_ssl the following works pretty well:
<LocationMatch "/manage">
 SSLRequireSSL
</LocationMatch>

No rewrite or mod_rewrite overhead.  You simply get a 403 if you don't
use https.  Dunno if thats an option for you but its something to
think about.
 
> All these complications and administrative burdens alone lead in effect 
> to insecurity.

I'll buy that, but I don't have a good way to fix it.  The z object
hierarchy just isn't as easy to secure as a filesystem.

> The example code I posted was more or less to illustrate my intention, 
> if I'd know where to implement such a hook, I'd probably try to make it 
>  more flexible. Make it dependend from a startup flag, and check for a 
> magic attribute in the acquisition chain perhaps, which prevents the 
> redirect. Also allow for redirects to a different host.

Well somebody mentioned Access Rules ... frankly I'm not sure what
that buys you really, the problem seems to be its very difficult to
classify what needs to be protected and what doesn't without trodding
on somebody elses namespace or creating something overly fragile.

-- 
Jamie Heilman                   http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81.  People said, "No, Holly, she's 
 not for you." She was cheap, she was stupid and she wouldn't load 
 -- well, not for me, anyway."				-Holly