Hi Patrick, My point was that Zope can't tell the difference. If your username/password are defined way down deep.. Zope can't find it to check... so if you're not defined at the root level.. you're anonymous until you traverse (i.e., cd) to an area where Zope can check your credentials. At that point you either check out.. or you don't. If there are 15 users with a username 'joe', but in different branches, there is no problem, but each 'joe' will only get correctly authenticated as something other than anonymous in the branch where his password matches the 'joe' user for that branch. -steve
"Patrick" == Patrick <patrick@eahd.or.ug> writes:
Patrick> On Thu, 22 Mar 2001, Steve Spicklemire wrote: >> Hmm.. if I recall correctly the problem goes something like >> this: >> >> say I have a user: joe defined in: >> >> /company/division/branch/group/acl_users >> >> when joe tries to FTP should Zope be expected to search all the >> 400 acl_users folders in the hierarchy until if finds a match? >> Or... what if there are *two* joe's which should I check? Patrick> That's part of the problem; but another problem is as Patrick> (Chris pointed out) what if joe makes an error in Patrick> logingin eg wrong username &/or wrong password; why does Patrick> medusa log you in as annonymous user instead of breaking Patrick> the connection altogether like most other ftp clients? >> -steve