paulb@392 | 1 | Configuring Zope
|
paulb@392 | 2 | ================
|
paulb@379 | 3 |
|
paulb@187 | 4 | Make a symbolic link to the example product directory from within the
|
paulb@187 | 5 | appropriate Zope instance's Products directory:
|
paulb@187 | 6 |
|
paulb@187 | 7 | cd Zope/instances/Products
|
paulb@392 | 8 | ln -s /home/paulb/Software/Python/WebStack/examples/Zope/SimpleProduct
|
paulb@187 | 9 |
|
paulb@187 | 10 | Or copy the example product directory into the Zope instance's Products
|
paulb@187 | 11 | directory:
|
paulb@187 | 12 |
|
paulb@392 | 13 | cp -R /home/paulb/Software/Python/WebStack/examples/Zope/SimpleProduct Zope/instances/Products/
|
paulb@187 | 14 |
|
paulb@191 | 15 | Then configure the etc/zope.conf file to add details of the example
|
paulb@191 | 16 | application and the WebStack package. In the appropriate section, add the
|
paulb@191 | 17 | following directives (adjusted for the exact configuration):
|
paulb@187 | 18 |
|
paulb@187 | 19 | path /home/paulb/Software/Python/WebStack
|
paulb@187 | 20 | path /home/paulb/Software/Python/WebStack/examples/Common
|
paulb@187 | 21 |
|
paulb@187 | 22 | Upon starting or restarting Zope, add the example product using the management
|
paulb@187 | 23 | interface (eg. add "Simple product" as "test") and then visit the anticipated
|
paulb@187 | 24 | URL; for example:
|
paulb@187 | 25 |
|
paulb@187 | 26 | http://localhost:8080/test
|
paulb@273 | 27 |
|
paulb@392 | 28 | Authentication/Authorisation in Zope
|
paulb@392 | 29 | ====================================
|
paulb@273 | 30 |
|
paulb@273 | 31 | Like mod_python (and Apache), Zope prevents application-level control over
|
paulb@273 | 32 | HTTP Basic authentication. However, the authenticator approach can still be
|
paulb@273 | 33 | used to control access to resources. When the Auth example is deployed in a
|
paulb@273 | 34 | normal "public" folder in a Zope instance, it is possible to merely supply the
|
paulb@273 | 35 | desired username and any password to satisfy the elementary security check.
|
paulb@273 | 36 | However, should the Auth example be deployed in a folder with its own access
|
paulb@273 | 37 | controls, then all access to the application must first go through the Zope
|
paulb@273 | 38 | security checks (which entail the proper authentication of the user through
|
paulb@273 | 39 | the validation of the user's password) before being validated by the
|
paulb@273 | 40 | elementary security check performed in the AuthAuthenticator class.
|
paulb@273 | 41 |
|
paulb@273 | 42 | To set up such a protected folder, do the following in the Zope management
|
paulb@273 | 43 | interface:
|
paulb@273 | 44 |
|
paulb@273 | 45 | * Choose "Folder" in the menu of objects to add.
|
paulb@273 | 46 | * Choose an "Id" and "Title", and to "Create user folder", then "Add".
|
paulb@273 | 47 | * Choose the new folder.
|
paulb@279 | 48 | * Choose the "Security" tab, and change the "View" permission so that only
|
paulb@279 | 49 | authenticated users have access.
|
paulb@273 | 50 | * Add appropriate users to the "acl_users" folder inside the new folder.
|
paulb@273 | 51 | * Add WebStack resources to the new folder.
|