Danny William Adair wrote:
Hi all!
I'm using LoginManager to provide for a non-HTTP authentication. A role "Member" has access to a folder "Restricted", the role "Anonymous" doesn't have any rights at all in this folder. All objects in this folder acquire these security settings. So far, so good.
The login form from the LoginManager product raises "LoginRequired" and shows the login screen when necessary. Mysteriously, I don't get to see my (customized) standard_error_message, but *the* standard error message when I try to access the folder unauthenticated. Now if I give Anonymous the right to "View" in the "Restricted" folder (and therefore view all contained objects - which I naturally don't want to do) and explicitly take that right away for index_html, any unauthenticated client trying to access the folder (->index_html) will see *my* standard_error_message (containing the login screen).
What is this all about?
Without looking closely at your system, it is hard to say. Perhaps your standard_error_message is itself causing an error of some kind. Therefore, you're getting the zope hard-coded error message. Try commenting out most of your standard_error_message, so that there is no possible way it could cause an error, then see if you see your version or the Zope hardcoded version. -- Steve Alexander Software Engineer Cat-Box limited http://www.cat-box.net