On Fri, Mar 16, 2001 at 01:50:43PM -0700, Casey Duncan wrote:
Daniel Rusch wrote:
Then are they navigating to
something that can be viewed anonymously or to a secured page?
to a secured page
So, as I'm sure you know, after changing passwords, the user looses Authentication (assuming you are using the built in Zope machinery, which from all appearances you are) because the browser continues to send the old password.
This is then a rather odd point of failure. What should happen is the browser should make the user log in again. Is this happening or no?
The browser will ask for a password again on the next request, if Basic Auth is used. Try this on your own ZOpe server; change the password of the User object you use to log in and then click on any link you previously had access to; a password box will pop up. -- Martijn Pieters | Software Engineer mailto:mj@digicool.com | Digital Creations http://www.digicool.com/ | Creators of Zope http://www.zope.org/ ---------------------------------------------