Hi,

in the below folder-structure I've got the following problem: a user links to Methode1 where he does his login with role:Voter. Methode1 contains only <dtml-var Methode3>. The below form in Methode3 calls Methode2 on submit.

The problem: after submission of the form there is a 2nd login-prompt for the already authenticated user. How can I get rid of that? All the Methods do have Manager-roles already. (I would like to cut them to Voter or Owner anyway)

Can anybody help me with that?

-- many thanks for your replies, Elena

form-code:

<form action="Methode2" method="post">
  <input class="formButton" type="button" value="schließen" name="Fenster schließen" onclick="window.close()" />
  <input class="formButton" type="button" value="zurück" name="zurück" onclick="history.back()" />
  <input class="formButton" type="submit" name="submit" value="Methode2">
</form>

folder-structure:

FolderA
|
|_FolderB:viewPermission->roles: Manager&Voter
|
|_acl_users-Folder: .....
|
|_DTML Methode1:proxy=Manager
|
|_DTML Methode2:proxy=Manager
|
|_DTML Methode3:proxy=Manager

Elena Schulz writes:
in the below folder-structure I've got the following problem: a user links to Methode1 where he does his login with role:Voter. Methode1 contains only <dtml-var Methode3>. The below form in Methode3 calls Methode2 on submit.
The problem: after submission of the form there is a 2nd login-prompt for the already authenticated user. How can I get rid of that? All the Methods do have Manager-roles already. (I would like to cut them to Voter or Owner anyway)
Can anybody help me with that? .... folder-structure:

FolderA
|
|_FolderB:viewPermission->roles: Manager&Voter
|
|_acl_users-Folder: .....
|
|_DTML Methode1:proxy=Manager
|
|_DTML Methode2:proxy=Manager
|
|_DTML Methode3:proxy=Manager

There are 2 issues:
1. A login using "Basic Authentication" is effective only inside the folder containing the object that originally requested authentication. For basic authentication, this is an effect of the HTTP 1.1 specification about sending authentication info to a site (you may find some details in <http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html> and full details in the HTTP 1.1 specification). Usually, your browser will automatically provide the login info it has for a site when it is challenged by a different page from this site. However, when not challenged, the application may see a wrong user. This appears not to be your problem.

2. A user defined in an "acl_users" is known and has rights only in the folder containing this "acl_users". When it accesses any object outside of this folder, the access is treated as an access by an anonymous user. I expect that you see an effect along these lines. However, I am not sure about the interaction with proxy roles.

Dieter
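An added example, not part of Dieter's reply and not Zope code: a small Python model of the two rules described above, applied to the target a form action resolves to. The host zope.example, the function names, and the assumption that URL paths mirror folder containment (with acl_users placed in FolderB) are hypothetical.

```python
from posixpath import dirname
from urllib.parse import urljoin, urlsplit


def _within(path, folder):
    """True if path lies inside folder or one of its subfolders."""
    return path.startswith(folder.rstrip("/") + "/")


def preemptive_scope(challenged_url):
    """Folder in which the browser resends Basic credentials unprompted
    (issue 1): the folder of the object that issued the login challenge."""
    return dirname(urlsplit(challenged_url).path).rstrip("/") + "/"


def diagnose(page_url, form_action, challenged_url, acl_users_folder):
    """Resolve the form action like a browser does, then apply both rules.

    acl_users_folder is the path of the folder that contains acl_users
    (issue 2): the user is only known at or below that folder.
    """
    target = urlsplit(urljoin(page_url, form_action)).path
    creds_sent = _within(target, preemptive_scope(challenged_url))
    user_known = _within(target, acl_users_folder)
    if not user_known:
        verdict = "anonymous: target outside the acl_users folder"
    elif not creds_sent:
        verdict = "no credentials until challenged: target outside login scope"
    else:
        verdict = "authenticated"
    return {"target": target, "credentials_sent": creds_sent,
            "user_known": user_known, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample URLs; the layout is an assumption, not the poster's site.
    page = "http://zope.example/FolderA/FolderB/Methode1"
    for action, acl in [("Methode2", "/FolderA/FolderB"),
                        ("/FolderA/Methode2", "/FolderA/FolderB"),
                        ("/FolderA/Methode2", "/FolderA")]:
        print(action, acl, diagnose(page, action, page, acl)["verdict"])
```

The model ignores proxy roles and Zope acquisition, which can make the traversed URL differ from physical containment.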
participants (2): Dieter Maurer, Elena Schulz