[Seaside] Seaside Security

Lukas Renggli renggli at gmail.com
Wed Jul 23 19:43:57 UTC 2008

>  But how I prevent that someone is accessing .../seaside/config ? The only
> way seems  to removing the config application. But that is bad, because
> perhaps I want configure something later and not in code....

Again the story with Apache.

The Squeak image servers all applications on port 8080 that is hidden
behind the firewall. This means from outside the server I cannot
access port 8080.

Then there is Apache that proxies requests to www.myapp.com to

When I want to access the config application I go to the server (or
use a tunnel) to access localhost:8080/seaside/config.

>  And the other thing but related is this: according to tutorials, if one set
> up WAAuthConfiguration as an ancessor in the configuration of an
> application, then the log-in dialog should come up if one try to access
> .../seaside/<myapplication> . But this doen't happen for me. Perhaps there
> is a little detail I overlook....

Did you set the username and password in the config application?

It could also be that your web browser caches the authentication
somehow. So you only need to enter it once.


Lukas Renggli

More information about the seaside mailing list