Frederic de Zorzi wrote at 2005-1-7 21:51 +0100:
After disabling Anonymous access in "Wedbav Access" permission on root folder, I've lost all non-Manager accesses in 2.6.4 servers :
Each time I try to access a restricted page (anonymous access works), I have the folowing :
Traceback (innermost last): Module ZPublisher.Publish, line 89, in publish Module ZPublisher.BaseRequest, line 438, in traverse Module ZPublisher.HTTPResponse, line 663, in unauthorized Unauthorized: <strong>You are not authorized to access this resource.</strong>
I've reactivated anonymous access for webdav, same thing. This happens with our 4 zope servers (debian woody, zope 2.6.4, python 2.1) :(((
Almost surely, this has nothing to do with your "webdav" access permission. When you look at the code near line 663 of ".../ZPublisher.BaseRequest.py" you will probably see something like: if user is None and roles != UNSPECIFIED_ROLES: response.unauthorized() If this is the case (I am not sure as my Zope version is much more modern than yours ;-) ), then this means: * you try to access a protected object ("roles != UNSPECIFIED_ROLES") * the user folder was not able to authenticate a user with the required roles ("user is None"). You should log in as "Emergency User" (Howto on Zope.org) and analyse your user folder. If this does not reveal a problem, then maybe the necessary roles have been erroneously determined. Long ago (much before Zope 2.6), I have seen security settings disappearing (twice, not reproducible, unexplained). Check especially the "security" tab of the "Root Folder" (again as EmergencyUser) that it grants all permissions to "Manager". -- Dieter