Hi David, Visit the URL (on your server): http://your.server/acl_users/setDomainAuthenticationMode?domain_auth_mode=1 It should come back and say: Domain authentication mode set to 1. Then try everything else you described again. Sorry, - C ----- Original Message ----- From: "David Legg" <d.legg@ncl.ac.uk> To: "Zope List" <zope@zope.org> Sent: Wednesday, July 04, 2001 11:18 AM Subject: [Zope] Assigning a Role Based on IP Address (domain)
Hi all,
I want to assign a user a role based on their IP address or domain. Looking through the Zope book this seemed fairly straightforward but I can't get it to work. The folder I am doing this in is one up from the root level, so I can then lock things down from this folder up. This is what I did:
1. Created a new role called internalUser 2. Created a new user called anon, but didn't fill in the password fields, specified the domain as *.mydomain.com and selected the role as internalUser. 3. Created a DTML document (no security assigned) and did a <dtml-var "AUTHENTICATED_USER.getRoles()"> to see what role was being assigned.
When I log into the document anonymously it still displays the role as anonymous - yes I am in the right domain. When I set the security settings to lock out anonymous but enable internalUser to view the page it still prompts for a username and password - even though I didn't specify a password. Looking at the user anon in acl_users the password field is filled even though I didn't specified password - is this normal? Strangely when I give this user a password and log in the ip/domain restriction works - there must be something going amiss somewhere..
The reason why I would like to do it this way is so that I can conditionally show/hide parts of a page based on this role just to give you some context - provided it assigns the right role based on domain/ip!
If someone could provide some step by step instructions as to how they did this (I cannot for the life of me see what I'm missing) and a possible workaround perhaps using REMOTE_ADDR - I would dearly like to avoid this!
Thank you in advance
David
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )