I remember to have had this problem when accessing office files like *.doc's. It *think* it was a IE issue, that olny happend with particular IE versions. Robert Am Friday 05 September 2003 23:26 schrieb Dieter Maurer:
Bjorn Stabell wrote at 2003-9-2 19:33 +0800:
Has anyone encountered this problem:
When accessing File objects that are not accessible to Anonymous (HTTP and WebDAV View permissions not given), the Basic HTTP Auth window pops up repeatedly even after the user has logged in using the cookie crumbler method, and the user has permissions to view the file. Clicking cancel actually lets the user view the file, but that's not an acceptable solution, of course.
I see this behavior with Zope 2.5.1 & 2.6.1 (haven't tried 2.7b2 yet), and I seem to recall earlier versions as well.
I could not reproduce your problem (Zope 2.6.2b2). However, I remember that I saw similar problem reports in the mailing list.
You get the basic authentication when the permission requirements during request processing are stronger than that on the published object. It is unclear, however, why you see the file when you cancel the login dialog.
Shane's VerboseSecurity Product may give some clues.
Dieter
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
-- mit freundlichen GrĂ¼ssen Robert Rottermann www.redCOR.ch