8 Nov
2002
8 Nov
'02
10:10 p.m.
Grant K Rauscher writes:
recently I noticed that methods for retrieving user roles are affected by the URL from which the user logged in using basic authentication (as opposed to the location of the user account).
This is how the HTTP 1/1 specification requires it to be. Your browser follows this spec.
I don't see any authentication-related cookies at all from ZOPE, session or otherwise, just basic http authorization. Apparently, you are using a user folder that uses basic authentication. There are user folders around that can (be configured to) use Cookie authentication. You can also use CookieCrumber for that.
Dieter