[Zope3-Users] zope 3 apache and SSL

C. H. c at kikazi.com
Sun Aug 26 20:46:00 EDT 2007




I've determined a method to of solving my problem using the
2 include files that I show below in the event that it may give
someone else struggling with the same problem a place
to start:

# First I made all content on the site accessible only through the
# secure server.

<VirtualHost  your_host_internet_address:80>
    ServerName sasa.local
    DocumentRoot /var/www/empty
    RedirectPermanent / https://sasa.local/
</VirtualHost>


# Then include the rewrite rule for the zope site in the same virtual  
host
# definition as the secure server

Listen 443
NameVirtualHost *:443
<VirtualHost _default_:443>
ServerName sasa.local
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/ca.crt
SSLCertificateKeyFile /etc/httpd/ssl/ca.key


     ServerName sasa.local

     CustomLog "/var/log/httpd/sasa-access.log" combined
     ErrorLog  "/var/log/httpd/sasa-error.log"
     LogLevel warn
     ServerSignature On

     RewriteEngine On
     RewriteRule ^/files/(.*) - [L]

     RewriteRule ^/wcsite(/?.*) \
         http://localhost:8080/wcsite/++vh++https:%{SERVER_NAME}:443/ 
wcsite/++$1 [P,L]

</VirtualHost>




On Aug 21, 2007, at 4:07 PM, C. H. wrote:

>
>
> Is the cannonical technique for setting up a zope 3 instance behind
> an apache server with SSL activated documented in detail anywhere?
>
>
> Here's what I've tried (actually, I tried about 10**3 other things,  
> but
> this was the first and, I think the most sensible):
>
> I have a zope 3 instance with a PAU configured with
>    No Challenge if Authenticated
>    Session Credentials
>    Zope Realm Basic-Auth
>
> If I disable SSL in my apache server, and configure a virtual host
> as follows, access is fine using xmlrpc (http:// 
> user:pass at sasa.local/rfolder/r1)
> and when using a browser to access http://sasa.local/rfolder/r1 I'm  
> presented
> a login form (as expected). Life is good:
>
> <VirtualHost *>
>     ServerName sasa.local
>     ServerAlias sasa.local *.sasa.local
>     DocumentRoot "/home/zwc/"
>
>     CustomLog "/var/log/httpd/sasa-access.log" combined
>     ErrorLog  "/var/log/httpd/sasa-error.log"
>     LogLevel debug
>     ServerSignature On
>
>     RewriteEngine On
>     RewriteRule ^/files/(.*) - [L]
>     RewriteRule ^/(.*) \
>         http://localhost:8080/wcsite/++vh++http:%{SERVER_NAME}:80/+ 
> +/$1 [P,L]
> </VirtualHost>
>
> However, if I enable SSL in apache and configure a virtual host (by  
> changing
> the rewrite rule) as follows, access is still fine using xmlrpc but
> I get the error
> "You don't have permission to access /@@loginForm.html on this  
> server."
> when I attempt to access (http://sasa.local/rfolder/r1) using a  
> browser
>
> <VirtualHost *>
>     ServerName sasa.local
>     ServerAlias sasa.local *.sasa.local
>     ServerAdmin c at kikazi.com
>     DocumentRoot "/home/zwc"
>
>     CustomLog "/var/log/httpd/sasa-access.log" combined
>     ErrorLog  "/var/log/httpd/sasa-error.log"
>     LogLevel debug
>     ServerSignature On
>
>     RewriteEngine On
>     RewriteRule ^/files/(.*) - [L]
>     RewriteRule ^/(.*) \
>         http://localhost:8080/wcsite/++vh++https:%{SERVER_NAME}:443/ 
> ++/$1 [P,L]
> </VirtualHost>
> ~
>
>
>
>
> _______________________________________________
> Zope3-users mailing list
> Zope3-users at zope.org
> http://mail.zope.org/mailman/listinfo/zope3-users



More information about the Zope3-users mailing list