RE: [Zope-dev] Zope security alert and 2.2 information
Which does bring be back to the question of what is the relationship between the 'nobody' user and the 'Anonymous' user.
They are different names for the same thing. When you visit a (Zope) site without credentials, you are visiting as the Anonymous/nobody user. 'Anonymous User' is the name that you see in Zope UI (for example in undo logs if the AU ever does something that causes a transaction). Internally in the Zope code, this user is known as 'nobody'. To be exact, the username attribute of the nobody user is 'Anonymous User'.
Currently, if you could re-authenticate as the Annonymous user, all would be good with the world ;-)
Unfortunately, I don't think you can...
It can be hard (esp. with Basic or Digest authentication). With cookies its not as difficult, but it would be much better if there were a way that worked for all of these. Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com
It can be hard (esp. with Basic or Digest authentication). With cookies its not as difficult, but it would be much better if there were a way that worked for all of these.
Yes, but are there any browsers out there that don't support cookies? -Morten
"Morten W. Petersen" wrote:
Yes, but are there any browsers out there that don't support cookies?
Old ones, but I'm sure are still many people who turn them off, or are forced to turn them off by corporate rules... Chris
Brian Lloyd wrote:
Which does bring be back to the question of what is the relationship between the 'nobody' user and the 'Anonymous' user.
They are different names for the same thing. When you visit a (Zope) site without credentials, you are visiting as the Anonymous/nobody user. 'Anonymous User' is the name that you see in Zope UI (for example in undo logs if the AU ever does something that causes a transaction). Internally in the Zope code, this user is known as 'nobody'. To be exact, the username attribute of the nobody user is 'Anonymous User'.
Hmm... I was under the impression from the Wiki it was different, I'll spell that out explicitly. -Michel
participants (4)
-
Brian Lloyd -
Chris Withers -
Michel Pelletier -
Morten W. Petersen