Didier Georgieff writes:
I have really simple login wich is a link to a Method "login" wich comprise
....... REDIRECT for login <dtml-call "RESPONSE.redirect(baseURL)">
and 'login' method has NO autorizations for anonymous.
It redirects me on the right "baseURL" page, but the "baseURL" inludes an "info" Document with
<dtml-var "AUTHENTICATED_USER.getUserName()"> <dtml-in "AUTHENTICATED_USER.getRoles()">
who shows ONLY anonymous after the first login..
IF I do a second login (exactly the same) then it works fine and i got the right Names and Roles.. I am not sure... ... but it might be possible that the browser sets a cookie only after the redirect.
I saw a comment in GUF (Generic User Folder, a Zope product for cookie base authentication) about the necessity of a double indirection because cookies might not be set during authentication. This would point into the above direction. I must admit, however, that I did not really understand the GUF comment. Dieter