Something really weird is happening with my Zope
application.
Since I wanted to develop a kind of authentication
process to
validate the access to each DTML document, I just created a python
script that is called at the beginning of each document.
The only thing this script does it to check if a certain session
variable exists and if it a consistent value.
If so, then the script does nothing more and returns to the DTML
doc.
If not it cause a redirection to a login page.
Something like that:
General DTML document:
---------------------
<dtml-call expr="pyscripts.pyCheckLogin()">
<dtml-var standard_html_header>
(...)
<dtml-var standard_html_footer>
This worked properly when I ran Zope behind IIS.
Now that I transferred my Zope application to
another server, this
authentication philosophy stopped working and the only thing that
changed is that Zope is no longer running behind IIS but behind
Apache
2.0.
I've exhaustedly debugged the code and this
what happens:
- As far as what it is concerned with the Python
Script itself,
everything seems to work properly;
so when redirection is needed
the python script executes it (or
at least it tries - see next
comment);
- No matter what happens with the Python script
(redirection or
just return), the control will always
return to the DTML doc
which didn't happen while Zope ran
behind IIS.
Now... I've managed to detour this problem by changing the general
structure of each DTML doc to the following:
<dtml-if expr="pyscripts.pyCheckLogin()">
<dtml-var standard_html_header>
(...)
<dtml-var standard_html_footer>
</dtml-if>
Which means I also change the script to return 1 when authentication
is valid and O when it's not (redirection).
Still, this intrigues me a lot since there should be a similar
behaviour
no matter what Web Server Zope is running behind.
Any suggestion to enlighten me on this X-File?
thanks in advance,
Vitor Varalonga