Authenticated user in Session onAdd methods?
Hello zopistas, I want to incluye some default values in a session data container when it instantiates. I created a python script that called when new session is created. The problem is hat I need to know the user name in order to setup the default session values. For example: sdo['UserName'] = <way to obtain the username> I tried: sdo['UserName'] = _.SecurityGetUser().getUserName() and the result is always "Anonymous User" even if I am logged as an authenticated user. Thanks. Juan Carlos Coruña jcoruna@ibdosnorte.com
=?iso-8859-1?Q?Juan_Carlos_CORU=D1A?= writes:
I want to incluye some default values in a session data container when it instantiates.
I created a python script that called when new session is created. The problem is hat I need to know the user name in order to setup the default session values.
For example:
sdo['UserName'] = <way to obtain the username>
I tried: sdo['UserName'] = _.SecurityGetUser().getUserName() and the result is always "Anonymous User" even if I am logged as an authenticated user. The session may be created too early, before authentication.
I had hoped (and still do) that usually a session is only created after authentication. Do you use it somewhere in an AccessRule or other traversal hooks? Dieter
If the object which is calling the SecurityGetUser().getUserName() is accessible anonymously (i.e. user doesn't have to be authenticated to view) then Zope always appears to return 'Anonymous User' even if the user has logged in. If you add some security on the item (say, remove View privilege for the anonymous user) then all of a sudden you will get the correct user info returned. I think this is very weird, but came across it myself last week. (2.5.1 on Windows 2000) Dieter wrote:
The session may be created too early, before authentication.
In my case, I'm not doing this when/before the session is created, in fact I can switch permissions back and forth on a test script and reload it over and over, and get different results. If the script doesn't require a login, then you can't get anything more than Anonymous User out of it... Can anyone else confirm if this is a bug? I had a browse around the Collector but couldn't see anything. Julian.
Hello zopistas,
I want to incluye some default values in a session data container when it instantiates.
I created a python script that called when new session is created. The problem is hat I need to know the user name in order to setup the default session values.
For example:
sdo['UserName'] = <way to obtain the username>
I tried: sdo['UserName'] = _.SecurityGetUser().getUserName() and the result is always "Anonymous User" even if I am logged as an authenticated user.
Thanks.
Juan Carlos Coruña
jcoruna@ibdosnorte.com
Julian Melville writes:
If the object which is calling the SecurityGetUser().getUserName() is accessible anonymously (i.e. user doesn't have to be authenticated to view) then Zope always appears to return 'Anonymous User' even if the user has logged in.
If you add some security on the item (say, remove View privilege for the anonymous user) then all of a sudden you will get the correct user info returned.
I think this is very weird, but came across it myself last week. (2.5.1 on Windows 2000) This should no longer be the case with modern Zope versions (above 2.5, at least).
In fact, it was never the case with access to anything protected by a permission, even a permission granted to "Anonymous". If you are sure that it behaves as you described, then please file a bug report to <http://collector.zope.org>. Dieter
Julian Melville writes:
If the object which is calling the SecurityGetUser().getUserName() is accessible anonymously (i.e. user doesn't have to be authenticated to view) then Zope always appears to return 'Anonymous User' even if the user has logged in.
Dieter writes:
This should no longer be the case with modern Zope versions (above 2.5, at least).
In fact, it was never the case with access to anything protected by a permission, even a permission granted to "Anonymous".
Hmmm. Today I can't replicate this at all, yet I have a bunch of Python code from last week which I wrote to work around the problem... weird! Anyway, thanks Dieter. Julian.
participants (3)
-
Dieter Maurer -
Juan Carlos CORUÑA -
Julian Melville