On 12 May 2000, Kent Polk wrote:
Some browsers *do* only pass authentication info when the server requests it. We discovered this a couple of years ago when experimenting with the newly-developed domain authentication that I asked to be implemented in userfolders with Principia.
Unless I'm badly mistaken, the standard Zope management interface has a problem with this. My perception is that w3m is a browser that only passes auth info when requested. If I'm looking at a management screen, and I click on a link that takes me to 'manage_workspace' for that object, Zope responds as if I am not authenticated. If I explicitly type in the URL with 'manage_main', then I get the management screen. I'm *guessing* that manage_workspace somehow does not require 'view management screens' permission but 'manage_main' does. What are other browsers that have this behavior? I'd like to test my theory... If I'm right, is this a bug in Zope? --RDM