Fuck$%&ing gmail Sorry all for this stupidity To Dennis: I use Zope 2.9.5 final. Is this version concern with this bug? To Dieter: I use HTTP authentication method (at least I suppose that). I don't change anything about the default configuration nor use any cookie at least What I wonder is CrearFuncionalidad works ok but not BorrarFuncionalidad who are launched both in the same way Any idea? 2007/3/12, Garito <garito@gmail.com>:
To Dennis: I use Zope 2.9.5 final. Is this version concern
2007/3/12, Dieter Maurer <dieter@handshake.de>:
Garito wrote at 2007-3-12 04:04 +0100:
... In my code I don't use nothing about security and nothing is changed on zmi's security tab
But when I launch a method (Borrar if you remember) the user who launches the action is anonymous not the logged one
Your problem description is too terse to say something definite about the real problem.
But, I can tell you that whether or not a user appears to be anonymous or logged in only slightly depends on security settings.
The process is as follows:
The url traversal determines the published object and the path to reach it. From the published object the roles are determined necessary to access it. Then a user folder is looked for that can authenticate a user from the current request with the required roles. This lookup proceeds in the reverse order than the url traversal.
Thus, unless you have given your object unreasonable roles (usually you protect by a permission which is then mapped to a set of roles), the authenticated user primarily depends on the authentication information in the request.
In what kind the request contains authentication information highly depends on the form of authentication you are using. There are at least two widely used approaches: cookie based authentication and HTTP (basic) authentication.
In the first case, the user will appear "anonymous" whenever cookies are disabled.
-- Dieter
-- Mis Cosas: http://blogs.sistes.net/Garito
-- Mis Cosas: http://blogs.sistes.net/Garito