Hello, My development system: Zope Version: Zope 2.3.2 (binary release, python 1.5.2, linux2-x86) Python Version: 1.5.2 (#1, Aug 25 2000, 09:33:37) [GCC 2.96 20000731 (experimental)] System Platform: linux-i386 My deploy system: Zope Version: Zope 2.3.0 (source release, python 1.5.2, linux2) Python Version: 1.5.2 (#10, Feb 12 2001, 15:36:48) [GCC 2.95.2 19991024 (release)] System Platform: freebsd4 I get things working on my development environment, then export the folder, re-import on the deploy machine. I have a database which only allows selected 'users' update permission. I grouped these users and the update methods in a folder called 'Update'. Created a role called 'dbupdate', then disabled all 'Acquire permissions settings' for the Update folder, then enabled the following for the 'dbupdate' role: Access contents information Open/Close Database Connection(s) Query Vocabulary Search ZCatalog Use Database Methods Use Factories Use mailhost services View View History View management screens Enabled all settings for 'Manager' role. On my development machine, this does what I want it to. If someone trys to access the '/ADASS/Datbase/Update' URL it prompts them for a login/password. I exported the 'Update' folder, then imported it (Retain existing ownership info) into my deploy machine. On the deploy machine, I cannot get past the login prompt without getting 'Authorization Failed, Retry?'. If I press the 'Cancel' button, I then get: Zope Error Unauthorized You are not authorized to access title_or_id. I've re-checked and changed my 'users' login several times, and this is not the problem. I've tried setting 'Proxy' to 'Manager' and 'dbupdate' role on: Update/index_html, but this does not fix it either. I've looked at the security settings at the root level, and there are no glaring differences between the two machines. The only difference I see is the difference in the two Zope version numbers 2.3.0 vs 2.3.2. Suggestions? Thanks, --irene ---------------------------------------------------------------- Irene Barg Email: ibarg@as.arizona.edu Steward Observatory Phone: 520-621-2602 933 N. Cherry Ave. University of Arizona FAX: 520-621-1891 Tucson, AZ 85721 http://nickel.as.arizona.edu/~barg ----------------------------------------------------------------
Irene Barg writes:
.... On my development machine, this does what I want it to. If someone trys to access the '/ADASS/Datbase/Update' URL it prompts them for a login/password. I exported the 'Update' folder, then imported it (Retain existing ownership info) into Maybe that is the problem:
Does the owner exists on the production side? If not, there are effectively only the rights for anonymous as the effective permissions are the intersection of the users permissions and that of the owner. If the owner does not exist, he has at most anonymous permissions. Dieter
Dieter, Ok, I went back and removed the Update folder, then imported it using the option 'Take ownership of inported objects'. It prompts for the login Id and password, but it just says 'Authorization failed, retry?'. I've removed the users in the acl_users folder and re-created them, this doesn't fix it. Thanks for the suggestion. --irene Dieter Maurer wrote:
Irene Barg writes:
.... On my development machine, this does what I want it to. If someone trys to access the '/ADASS/Datbase/Update' URL it prompts them for a login/password. I exported the 'Update' folder, then imported it (Retain existing ownership info) into Maybe that is the problem:
Does the owner exists on the production side? If not, there are effectively only the rights for anonymous as the effective permissions are the intersection of the users permissions and that of the owner.
If the owner does not exist, he has at most anonymous permissions.
Dieter
-- ---------------------------------------------------------------- Irene Barg Email: ibarg@as.arizona.edu Steward Observatory Phone: 520-621-2602 933 N. Cherry Ave. University of Arizona FAX: 520-621-1891 Tucson, AZ 85721 http://nickel.as.arizona.edu/~barg ----------------------------------------------------------------
participants (2)
-
Dieter Maurer -
Irene Barg