Hi, thanks for the tip, but it didn't solve the problem. But I found a workaround after trying many different things, it's a hack but it works :-) in the index_html, I put: <dtml-var header> <dtml-try> <dtml-var content> <dtml-except> <FORM action="<dtml-var "idUrl(url='login')">" method="POST"> <tr height="4"> <td colspan=2 width="650" height="4"> <b>Bitte melden Sie sich zunächst an</b></font></td> </tr> <TR> <th>Benutzer</th> <td> <input type="hidden" name="GalileoSession" value="<dtml-var expr="sdm.getToken()">"> <input type="string" name="__ac_name" size=40></td> </TR> <TR> <th>Passwort</th> <td><input type="password" name="__ac_password" size=40></td> </TR> <TR><TD> </TD> <td> <input type="hidden" name="goto" value="<dtml-var HTTP_REFERER>"> <input type="submit" name="LogMeIn" value=" Log In "> </td> </TR> <dtml-try> <dtml-if "REQUEST.has_key('LogMeIn') and AUTHENTICATED_USER.getUserName() != 'Anonymous User'"> <dtml-var mitte> </dtml-if> I had to put in the Form directly anything else didn't work. login/content looks like this: <table with="100%" border="0"> <dtml-with "AUTHENTICATED_USER"> <table border="0" cellpadding="0" cellspacing="2" width="450"> <dtml-if "AUTHENTICATED_USER.getUserName() == 'Anonymous User'"> <dtml-if "REQUEST.has_key('LogMeIn')"> <tr><td> Login failed !! </td></tr> </dtml-if> <FORM action="<dtml-var "idUrl(url='./')">" method="POST"> <tr height="4"> <td colspan=2 width="650" height="4"> <b>Bitte melden Sie sich an</b></font></td> </tr> <TR> <th>Benutzer</th> <td> <input type="hidden" name="GalileoSession" value="<dtml-var expr="sdm.getToken()">"> <input type="string" name="__ac_name" size=40></td> </TR> <TR> <th>Passwort</th> <td><input type="password" name="__ac_password" size=40></td> </TR> <TR><TD> </TD> <td> <input type="hidden" name="goto" value="<dtml-var HTTP_REFERER>"> <dtml-comment ""> <input type="hidden" name="goto" value="<dtml-var expr="idUrl(url=HTTP_REFERER)">"> </dtml-comment> <input type="submit" name="LogMeIn" value=" Log In "> </td> </TR> </FORM> <dtml-else> <dtml-if "REQUEST.has_key('goto')"> <dtml-in "SQL_gesperrt(benutzer=AUTHENTICATED_USER.getUserName())"> <dtml-call "REQUEST.set('frei',freigegeben)"> </dtml-in> <dtml-if "frei == 's'"> <b>Dieser Benutzer ist gesperrt.</b> <dtml-else> <dtml-call "RESPONSE.redirect(goto)"> </dtml-if> </dtml-if> </dtml-if> </dtml-with> </table> The code at the bottom covers a special case in this application, where the user access is locked. The interesting and remaining problem is, that if the condition is true, the Text is displayed twice !!!!!!! On Thu, 8 Nov 2001, Andrew Kenneth Milton wrote:
Hi there, someone asked me to drop you a line about your problem you posted on zope-dev.
I can't directly help you with LoginManager, which you might be tied to.
I'm the principal developer of exUserFolder. Which is an extensible user folder, that lets you write auth plugins. It's fairly easy to write them from scratch. This isn't a plug, just a warning d;)
I can reproduce the behaviour you are seeing, *if* inside the locked folder I allow "View" permission to Anonymous on content. Then it throws the Basic Auth instead of the Form Auth it should throw as it tries to access protected objects (this is because the acquired object is above the level where the acl_users that uses Cookie Auth is) this is normally standard_html_header.
It might be as simple as turning of View for Anonymous on content inside testFolder, this will force the initial access to throw the Login Required exception in the right context.
If this works for you feel free to share with the zope-dev list.
I have tested the following setup;
/openFolder /openFolder/acl_users (exUserFolder using Cookie Auth) /openFolder/index_html /openFolder/lockedFolder/ /openFolder/lockedFolder/content
In all cases access to lockedFolder uses the form based login, calling content directly, and calling index_html (which is acquired) and calling lockedFolder/ without explicitly calling index_html. This is without View for Anonymous allowed.
-- Totally Holistic Enterprises Internet| | Andrew Milton The Internet (Aust) Pty Ltd | | ACN: 082 081 472 ABN: 83 082 081 472 | M:+61 416 022 411 | Carpe Daemon PO Box 837 Indooroopilly QLD 4068 |akm@theinternet.com.au|
Mit freundlichen Grüßen Joachim Schmitz AixtraWare, Ing. Büro für Internetanwendungen Hüsgenstr. 33a, D-52457 Aldenhoven Telefon: +49-2464-8851, FAX: +49-2464-905163