How to prevent access to Ananymous User?
Hi, I'ld like to build a web site with Authentication. I'm using "ex User Folder" to create authentication. I'm using MySQL and Cookie based authentication. When I access the page It still logging in as "Anonymous User",(I think it should redirect to the login page). If I go to the login page manually and logging in with username and password it's working fine. Please suggest me how to prevent "Anonymous User" from viewing the pages. I'll be really looking forward for your reply. Thanks & Regards Praveen __________________________________________________ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com
On Tuesday 11 March 2003 05:51, K.Praveen Kumar wrote:
Hi, I'ld like to build a web site with Authentication. I'm using "ex User Folder" to create authentication. I'm using MySQL and Cookie based authentication. When I access the page It still logging in as "Anonymous User",(I think it should redirect to the login page). If I go to the login page manually and logging in with username and password it's working fine. Please suggest me how to prevent "Anonymous User" from viewing the pages. I'll be really looking forward for your reply.
Just remove 'View' and 'Access contents information' permissions to the 'Anonymous' role on the folder which is at your site root. Thierry
Dear Thierry FLORAC, If I do what you said then It is popup a Screen asking for login and password. It is taking anything you enter and logging in as "Anonimous User". If you require I'll send you the URL of the site where you can understand the problem and help me out. My problem is While accessing the web pages. Not in the Zope directories. If I use "ex User Folder" for authentication it will create a "acl_user" folder. If we are attempting to access the directory (Where we have created acl_user folder) that will redirect to the Login Page. After Logging in only it'll agsin redirect to the Home page. In my case it is not happening. It is directly taking the user as "Anonimous User" and showing up. How should I get that. --- Thierry FLORAC <thierry.florac@onf.fr> wrote:
On Tuesday 11 March 2003 05:51, K.Praveen Kumar wrote:
Hi, I'ld like to build a web site with Authentication. I'm using "ex User Folder" to create authentication. I'm using MySQL and Cookie based authentication. When I access the page It still logging in as "Anonymous User",(I think it should redirect to the login page). If I go to the login page manually and logging in with username and password it's working fine. Please suggest me how to prevent "Anonymous User" from viewing the pages. I'll be really looking forward for your reply.
Just remove 'View' and 'Access contents information' permissions to the 'Anonymous' role on the folder which is at your site root.
Thierry
__________________________________________________ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com
On Tuesday 11 March 2003 11:06, K.Praveen Kumar wrote:
Dear Thierry FLORAC, If I do what you said then It is popup a Screen asking for login and password. It is taking anything you enter and logging in as "Anonimous User". If you require I'll send you the URL of the site where you can understand the problem and help me out. My problem is While accessing the web pages. Not in the Zope directories. If I use "ex User Folder" for authentication it will create a "acl_user" folder. If we are attempting to access the directory (Where we have created acl_user folder) that will redirect to the Login Page. After Logging in only it'll agsin redirect to the Home page. In my case it is not happening. It is directly taking the user as "Anonimous User" and showing up. How should I get that.
A correct acl_user folder have to be defined at the root of your site for authentication to work correctly. And if your user folder allows you to login with any authentication username/password, you may have something misconfigured. What can also occur when you restrict access on only a few number of pages, is that : - after the first required authentication on login page, some browsers will continue to provide authentication parameters, even on public pages - but some of them will only provide the same authentication parameters on protected pages. To handle such things and follow user's session correctly, you have to remember authentication parameters and use cookies and session machinery... Thierry
participants (2)
-
K.Praveen Kumar -
Thierry FLORAC