This didn't work. What is the better model to use if domain authentication support will be deprecated soon?
-----Original Message----- From: Randall F. Kern [mailto:randy@spoke.net] Sent: Tuesday, February 06, 2001 11:20 AM To: burwell@parc.xerox.com; zope@zope.org Subject: RE: [Zope] Going from Zope 2.1.6 to 2.3.0: security issue
try going to http://yourserver/acl_users/setDomainAuthenticationMode?domain _auth_mode =1
# Domain authentication support. This is a good candidate to # become deprecated in future Zope versions.
-Randy
-----Original Message----- From: Burwell, Becky <burwell@parc.xerox.com> [mailto:burwell@parc.xerox.com] Sent: Tuesday, February 06, 2001 10:35 AM To: 'zope@zope.org' Subject: [Zope] Going from Zope 2.1.6 to 2.3.0: security issue
We are in the process of moving from Zope 2.1.6 to Zope 2.3.0
We had some web pages that we wanted to restrict to people just at our research lab.
We did this by creating a role called "localUsers". And then we added a user with a domain of *.parc.xerox.com that had the role of localUsers. This allowed anyone whose web browser was on a machine in *.parc.xerox.com to access the pages. This worked great in 2.1.6.
When we brought up Zope 2.3.0 we find that we get prompted for an id and password when accessing web page that have our role localUsers applied to them. We can tell the user what to type, but it is annoying.
What's the best way to restrict a set of pages to a particular domain without having to require the user to login?
Thanks.
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )