Florent Guillaume wrote:
bruno modulix wrote:
Dieter, I didn't misunderstand your proposed solution. But some users exist in different CPMs with different roles in each CPM. So - unless I'm totally at a loss with how Zope's security works - if User1 has role RoleWithMuchPrivileges in Cpm1 and role RoleWithFewPrivileges in Cpm2, he could gain RoleWithMuchPrivileges in Cpm2 just by using a faked URL cpm1/cpm2/whatever_he_should_not_access_here. Worse, anyone existing in any CPM could gain access to any other CPM just by faking the URL.
As Tres mentioned, that should not be possible, as it's contrary to the Zope Security Policy.
As I mentioned, I may *also* be completely at a loss with the inner workings of Zope's security policy :-/
Can you reproduce it within a blank CPS instance using standard CPS products? If yes, could you explain the steps to reproduce it, and the versions of CPS, CMF, Zope and python you use?
What I observed is that, given two sibling CPS instances (cpsA and cpsB) with LDAPUserGroupsFolder, a user existing only in cpsA, once authenticated in cpsA, is still viewed as authenticated when accessing cpsB through the cpsA/cpsB URL. I don't have much time right now to investigate further, but I'll do so ASAP and let you know if I find anything strange.
--
Bruno Desthuilliers
Developer
bruno@modulix.org