I for one have hacked around this, so all methods authenticate, even if they are declarePublic'd. I don't recall having to make any changes to ZMI. -Randy
-----Original Message----- From: Chris McDonough [mailto:chrism@digicool.com] Sent: Monday, September 03, 2001 2:04 PM To: seb bacon Cc: richard@bizarsoftware.com.au; zope-dev@zope.org Subject: Re: [Zope-dev] declarePublic and users
seb bacon wrote:
* Chris McDonough <chrism@digicool.com> [010903 18:42]:
Yeah, this is due to a shortcut in authentication. I don't particularly like this behavior. It bites lots of people. I wonder if we could change it.
I think so, FWIW. As you say, this behaviour is a result of an implementation shortcut, rather than by design; I doubt the performance benefits outweigh the silliness of the resulting behaviour.
I thought I remembered someone from ZC saying it was changed for 2.4, though?
Geez, I don't think so... maybe you mean the "Authenticated" role being added?
I'd say ditch the current behavior if we can be reasonably certain that nothing important (especially in the ZMI) depends on it.
Anybody want to write a fishbowl proposal? ;-)
-- Chris McDonough Zope Corporation http://www.zope.org http://www.zope.com "Killing hundreds of birds with thousands of stones"
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )