Okay, I'm a Zope newbie. I installed it on my laptop to muck with it, and so far I'm impressed. But I'm having some trouble...I tried to create a new user and add that user to the "Manager" role. I then changed the permissions in the Security tab to let Manager have some privs to do things. The only problem is, no matter what I try, I can't log in as that user.
Did you add that user to the very top root folder 'acl_users' User folder? If you added the user to a folder *below* the root folder, then you can only log in at the same level as the user folder the user is defined in. This is a very important security feature.
Yes, I added the user at the very top level. They have "manager" as a role. I've tried leaving Domains empty, adding "*", and adding "*.redhat.com", all without success. I also tried creating a folder and then adding a user there. No dice. I presume that I *should* be able to create a folder called "junk", then create a user in that folder with proper privs, then log in to that folder with something like: http://localhost:9673/junk/manage Right? It seems to want to do this, but all authentication attempts as anyone other than superuser fail.
I would have thought I could just pull up a browser on another machine somewhere, point it at my laptop, and log in. I can do this as the superuser, but not as the new user I created. Not at all. I don't see much in the docs about logging in as another user, either. Nor do I even see how to log *out* once you log in as the superuser (help?).
There is no concept of 'log out' with HTTP basic authentication. You log out when the server raises an 403 Unauthorized error. Or you can close the browser. You see, Zope challenges you on EVERY request you make, but web browsers are very nice (sometimes too nice) about caching the userid and password you used and using it all over the place to try and unlock any HTTP doors. Note this is very different from a cookie based authentication which some types of Zope products do.
Ahh, I see. Any chance cookie authentication is going to be added to the base Zope as an option? Are those "add on products" free as well? If so, where would one find them? Oh, one more thing...kudos to the team that built this stuff. It really is neat. --Donnie -- Donnie Barnes http://www.donniebarnes.com djb@donniebarnes.com "Bah." Challenge Diversity. Ignore People. Live Life. Use Linux. 879. V. Bats, when dipped in batter and deep fried, still taste pretty bad.