[Zope] apache ssl management pages

Dylan Reinhardt zope@dylanreinhardt.com
Sat, 19 Oct 2002 08:08:53 -0700


Getting Zope (2.5, anyway) to recognize the https instead of http is 
tricky.  One common workaround is to put a DTML Doc called is_https that 
manually specifies whether the pages below its containing folder should be 
served https.

You might be better off using a different workaround, which is to put a 
method in the root folder called admin.  This method has one line:

<dtml-call "RESPONSE.redirect('https://my_server_url/manage')

Or something like that.  Make the method available to Anonymous since you 
don't want to start authentication until the https connection is made.

Now, you can type:

my_server_url/admin

and you're there.

HTH,

Dylan


At 09:10 AM 10/19/2002 -0400, you wrote:
>I recently got ssl working on my system and wanted to use ssl for the
>management pages of zope.  I'm using apache + zope + vhm.
>
>I'd like to be able to type the normal http url and if a management
>screen is viewed have it "redirect" (is that the right term) everything
>through secure pages.  Everything is working now but I have to actually
>type https://... (oh, the agony) rather than just http://...  In other
>words, I'd rather just type .../manage at the end and just log in and
>start working.  Currently, that isn't happening, I have to manually type
>in the https or it doesn't get encrypted.
>
>
>Here's the httpd.conf (mind the word wrap):
>===================================================
>NameVirtualHost 192.168.100.253:80
>NameVirtualHost 192.168.100.253:443
>
><VirtualHost 192.168.100.253:80>
>ServerName mydomain.org
>
># Secure management screens
>RewriteCond %{SERVER_PORT} !443
>RewriteCond %{REQUEST_URI} ^/(.*(manage).*)
>RewriteRule ^/(.*)
>http://127.0.0.1:9673/VirtualHostBase/https/%{HTTP_HOST}:443/jesse/VirtualHostRoot/$1 
>[L,P]
>
># Rewrite rules for normal zope browsing
>RewriteCond %{HTTP_HOST} ^.*:80$
>RewriteRule ^/(.*)
>http://127.0.0.1:9673/VirtualHostBase/http/%{HTTP_HOST}/jesse/VirtualHostRoot/$1 
>[L,P]
>
># A "static" directory within zope
>RewriteCond %{REQUEST_URI} !^/nz/
>RewriteRule ^/(.*)
>http://127.0.0.1:9673/VirtualHostBase/http/%{HTTP_HOST}:80/jesse/VirtualHostRoot/$1 
>[L,P]
></VirtualHost>
>
><VirtualHost 192.168.100.253:443>
>ServerName mydomain.org
>     <IfModule mod_ssl.c>
>     SSLEngine on
>     SSLCertificateFile    /etc/apache/ssl.crt/server.crt
>     SSLCertificateKeyFile /etc/apache/ssl.key/server.key
>     SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
>     </IfModule>
>RewriteEngine On
>RewriteRule ^/(.*)
>http://127.0.0.1:9673/VirtualHostBase/https/%{HTTP_HOST}:443/jesse/VirtualHostRoot/$1 
>[L,P]
></VirtualHost>
>
>
>
>_______________________________________________
>Zope maillist  -  Zope@zope.org
>http://lists.zope.org/mailman/listinfo/zope
>**   No cross posts or HTML encoding!  **
>(Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )