Hi Jerome, I am not sure whether it was you with whom I discussed a similar problem? Some days ago, I saw a similar post: &dtml.url-login; raised an "Unauthorized" exception, when the user did not have "View" permission. I could reproduce a problem when the user had not "Access Contents Information", but the "View" permission was not necessary. Same for your problem (I am using ZopeCVS, about 10 days old): "has_permission" requires "Access Contents Information" for its object attribute (a bug in my view), but no 'View' permission. Jerome Alet writes:
.... <dtml-if "AUTHENTICATED_USER.has_permission('View', mymethod)"> ... but if I access the pages as an anonymous user then I've got an Unauthorized exception instead of not having the "Members only" link. Either some strange effect with your Zope version or:
* your "standard_html_xxx" is a DTML Document (! not method) * your user is defined in a subfolder "acl_user", i.e. above "mymethod" then the additional check, that a user can not reach material outside the context of its user folder may hit you. It is only a very vague idea.... Dieter