On 12 October 2010 08:39, Wichert Akkerman <wichert@wiggy.net> wrote:
On 10/12/10 02:21 , Laurence Rowe wrote:
I'm currently implementing single sign on across Plone sites but have run into a bit of an issue with the CookieAuthHelper.
Unauthorized accesses are redirected to its login_path attribute even when a user is already logged in. Plone works around this with a require_login script that traverses to insufficient_privileges (rather than login_form) when the user is not anonymous.
http://dev.plone.org/plone/browser/Plone/trunk/Products/CMFPlone/skins/plone...
The result is still nasty since it means the unauthorized error will always consider the user to be unauthenticated. I've implemented a workaround in NuPlone to fix that, see http://svn.plone.org/svn/collective/NuPlone/trunk/plonetheme/nuplone/skin/er... . Perhaps something based on that will work for you as well.
That doesn't seem to be the case when I dropped a pdb into CookieAuthHelper.unauthorized:
/data/devel/plone/4.1/src/Products.PluggableAuthService/Products/PluggableAuthService/plugins/CookieAuthHelper.py(184)unauthorized() -> import pdb; pdb.set_trace() (Pdb) from AccessControl.SecurityManagement import getSecurityManager (Pdb) getSecurityManager().getUser() <PloneUser 'test1'>
Laurence