RE: [Zope] Question: user homepages
But surely the management interfaces use the user folder mechanism to authenticate (that, and checking for the superuser account), and the vanilla acl_users folder doesn't use cookies for authentication. So the concept of raising Unauthorized to "log out" won't work very well with browsers -- if I understood the solution correctly it means you'll get a password dialog in your face when you hit "Logout". Not very elegant? Besides, the question applies to the management interface, and the proposed solution would only work for a straight DTML page. Unless you do something peculiar, the two won't mix. -- Alexander Staubo http://www.mop.no/~alex/ "He won a first at Oxford, squandered three fortunes, made love to a thousand women, imbibed strange drugs, sold his soul for Rock 'n' Roll, almost pipped Einstein for the Nobel Prize, was barred from every Chinese noodle parlour in West London and died penniless, at a Hastings boarding-house in his ninetieth year." --Robert Rankin, _The Book of Ultimate Truths_
-----Original Message----- From: Michel Pelletier [mailto:michel@digicool.com] Sent: 15. juli 1999 00:07 To: 'Phil Harris'; Alexander Staubo; Zope Mailing List (E-mail); cg@cdegroot.com Subject: RE: [Zope] Question: user homepages
-----Original Message----- From: Phil Harris [mailto:phil@philh.org] Sent: Wednesday, July 14, 1999 3:48 AM To: Alexander Staubo; Zope Mailing List (E-mail); cg@cdegroot.com Subject: Re: [Zope] Question: user homepages
BTW: is there a way to log out from the management environment so you can connect as a user with less privileges for testing purposes?
That's browser-specific -- Zope's management interface does not do persistent logins. Just open a new browser instance. In IE 5.0, just open a new window.
Couldn't you just raise Unauthorized, that should then reset the security and allow you to login again.
e.g.
<!--#raise Unauthorized--> <!--#/raise-->
This works with PHP3 for instance but I've not tried it with Zope (yet).
Yep this can be done. I think what Alexander meant by browser specific is that the browser caches the Basic auth info in it's own peculiar way, some browsers make the information persistent in all windows, some only in the window which did the original authentication.
-Michel
HTH
Phil phil@philh.org
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(For developer-specific issues, use the companion list, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )
participants (1)
-
Alexander Staubo