WebStack

docs/Zope/NOTES.txt

392:e937613954b3
383:74ed715c5455
379:d6ab8969b2ac
2005-05-01 paulb raw annotate files changeset graph [project @ 2005-05-01 18:16:52 by paulb] Added missing example for Zope. 
     1 Configuring Zope:
     2 
     3 Make a symbolic link to the example product directory from within the
     4 appropriate Zope instance's Products directory:
     5 
     6 cd Zope/instances/Products
     7 ln -s ../../../WebStack/examples/Zope/SimpleProduct
     8 
     9 Or copy the example product directory into the Zope instance's Products
    10 directory:
    11 
    12 cp -R WebStack/examples/Zope/SimpleProduct Zope/instances/Products/
    13 
    14 Then configure the etc/zope.conf file to add details of the example
    15 application and the WebStack package. In the appropriate section, add the
    16 following directives (adjusted for the exact configuration):
    17 
    18 path /home/paulb/Software/Python/WebStack
    19 path /home/paulb/Software/Python/WebStack/examples/Common
    20 
    21 Upon starting or restarting Zope, add the example product using the management
    22 interface (eg. add "Simple product" as "test") and then visit the anticipated
    23 URL; for example:
    24 
    25 http://localhost:8080/test
    26 
    27 --------
    28 
    29 Authentication/authorisation in Zope:
    30 
    31 Like mod_python (and Apache), Zope prevents application-level control over
    32 HTTP Basic authentication. However, the authenticator approach can still be
    33 used to control access to resources. When the Auth example is deployed in a
    34 normal "public" folder in a Zope instance, it is possible to merely supply the
    35 desired username and any password to satisfy the elementary security check.
    36 However, should the Auth example be deployed in a folder with its own access
    37 controls, then all access to the application must first go through the Zope
    38 security checks (which entail the proper authentication of the user through
    39 the validation of the user's password) before being validated by the
    40 elementary security check performed in the AuthAuthenticator class.
    41 
    42 To set up such a protected folder, do the following in the Zope management
    43 interface:
    44 
    45   * Choose "Folder" in the menu of objects to add.
    46   * Choose an "Id" and "Title", and to "Create user folder", then "Add".
    47   * Choose the new folder.
    48   * Choose the "Security" tab, and change the "View" permission so that only
    49     authenticated users have access.
    50   * Add appropriate users to the "acl_users" folder inside the new folder.
    51   * Add WebStack resources to the new folder.