I have a Plone site which I'd like to hide from read-only access and instead serve the contents from a static mirror (mainly for performance reasons, of course); most contents rarely change.
(How to create that mirror is not the topic of this question.)
Now, some parts of the site are free to any unauthenticated user ("public"), some are for anyone who has a free account ("visible"), and some are for paying customers only ("restricted"), where we have different groups which may map the "Reader" role to certain subtrees of the site. A small number of maintainers would need to be able to write; they'd probably need to be redirected to the (otherwise hidden) Plone backend.
We use Cookie-based authentication; we currently run Apache v2.4.6 on a CentOS Linux v7.9.2009.
How would I plug the access control into our configuration for that static site?
- Would I integrate some small call to our Plone site which should of course not be visible to the client, and how, i.e.: which Apache module / directives I'd need to use?
- Or would it be preferable to let our backend maintain an AuthDBMUserFile and one or more AuthDBMGroupFiles (which would arise the question which AuthDBMType to choose and how to maintain it)?
- Other ideas and/or pointers?
Thank you!