[Zope] Re: [Zope-DB] How to prevent the manage from outer connections ?

Dieter Maurer dieter at handshake.de
Fri Jul 23 15:53:02 EDT 2004


fowlertrainer at anonym.hu wrote at 2004-7-23 08:36 +0200:
>...
>It is an intranet site, but some functions are needed to access from 
>"outernet".
>
>I don't want to anyone manage my site from outside.
>How to prevent these requests ?

A "PostAuthenticationHook" might help you.
In such a hook, you can check whether the current user
has a "Manager" role and raise "Unauthorized" when it comes
from outside your intranet.

Zope does not support "PostAuthenticationHooks" out of the box
(I think, at least).
But there are two implementations around: one is in the Zope collector,
the other is on my Zope page

  <http://www.dieter.handshake.de/pyprojects/zope>


-- 
Dieter


More information about the Zope mailing list