Re: How to map live site to separate website without reverse proxy?

2011-03-30 Thread Michael Wechner
Hi Igor On 3/30/11 12:43 PM, Igor Romanov wrote: Good day, I have Lenya running on Tomcat. I have found information on website and in this forums on how to map live part of specific publication to, e.g. "www.example.com " while having authoring environment at "cms.exam

unsubscribe

2011-03-30 Thread Roberts, Keith (CACI)
Keith Roberts CHDR Developer, CACI Saratoga Springs, Utah keith.robe...@va.gov 801-653-3001

How to map live site to separate website without reverse proxy?

2011-03-30 Thread Igor Romanov
Good day, I have Lenya running on Tomcat. I have found information on website and in this forums on how to map live part of specific publication to, e.g. "www.example.com" while having authoring environment at "cms.example.com" - using reverse proxy (Apache) + mod_rewrite. I have request from my

Re: Implementing Referer check - HTTP Header

2011-03-30 Thread Vik Tara
Please suggest if i am wrong. Seems like you are correct ;) On 03/30/2011 10:03 AM, Gaurav Kalia wrote: May still allow an attacker to spoof the dns name - or are you using an ip address? Yes attacker can spoof the DNS but match pattern with not allow the request to go through as it will ch

Re: Implementing Referer check - HTTP Header

2011-03-30 Thread Gaurav Kalia
May still allow an attacker to spoof the dns name - or are you using an ip address? Yes attacker can spoof the DNS but match pattern with not allow the request to go through as it will check the referer with our own DNS. I guess referer contains the DNS from which the request is coming not t

Re: Implementing Referer check - HTTP Header

2011-03-30 Thread Vik Tara
match pattern should only work if the request (referer) is a particular domain due to security reason. May still allow an attacker to spoof the dns name - or are you using an ip address? On 03/30/2011 09:28 AM, Gaurav Kalia wrote: I am not very much clear with the implementation. *What i wan

Re: Implementing Referer check - HTTP Header

2011-03-30 Thread Gaurav Kalia
Ok, what i did is -- when i need to call test.html i and matched index.html with type="referer-match" and it seems to be working fine. Is this the correct way of implementation. Regards Gaurav On Wednesday 30 March 2011 01:58 PM, Gaurav Kalia wrote: I am not very much clear with the implement

Re: Implementing Referer check - HTTP Header

2011-03-30 Thread Gaurav Kalia
I am not very much clear with the implementation. *What i want to achieve is --* match pattern should only work if the request (referer) is a particular domain due to security reason. I guess this will not allow any hacker to use client side code anywhere else to use the functionality deploye

Re: Implementing Referer check - HTTP Header

2011-03-30 Thread florent andré
humm... your referer is on index.html and your match on test.html a mail typo or the trick ? :) ++ On 03/30/2011 09:19 AM, Gaurav Kalia wrote: Hi Florent Yes referer is present in the request header, see below Referer|http://localhost:/pub/live/index.html| Below is the match type and

Re: Implementing Referer check - HTTP Header

2011-03-30 Thread Gaurav Kalia
Hi Florent Yes referer is present in the request header, see below Referer|http://localhost:/pub/live/index.html| Below is the match type and pattern that i am using in a module: http://localhost:/pub/live/test.html"; type="referer-match"> and the matcher entry in the module sitemap