Some of my users have had trouble when using IE (5.5 or greater, particularly the verion that comes with WinXP). While it doesn't seem to be a server OS issue, I suspect that it does have something to do either with acquisition and Zope (where the acl user folder is located within the heirarchy somehow affecting the cookie) and/or within IE itself (IE somehow making an assumption that anything below the initial login branch is okay but then "invalidating" the assumption when the user goes above the point of initial login). I don't have the code for IE and my search on the 'Net hasn't turned up any evidence to support the latter theory, so take it for what its worth. A conceivable workaround would be to detect an unauthorized person, redirect to the root/home page, authenticate, and then redirect back to the original page. Once IE is authenticated as far up as it can go, it seems to behave itself. How you do the work around, however, is unknown. The workaround that I suggest to my users is to get Netscape. I have that luxury, and that does solve the problem. Unfortunately, that won't help you. Sorry I can't be of more help. Ron

Sorry for writing to your directly on this, but I am in a bit of a time crunch and I am trying to sell zope to my managers. But if it this is not going to work with IE it is a show-stopper. I have writttn Jens V. (author of CUF) also, but he could offer no help as he is a Mac/UNIX guy too. So am I, but somehow I get stuck aiding the unwashed Windows massess.

I a am Galeon fan myself, but unfortunately most of the people hitting my site are going to be using the evil, but pervasive, IE.

Thanks for your comment.

-D

On Tue, 19 Feb 2002, Dieter Maurer wrote:

...

darrylc writes: Can you please stay on the mailing list? (Added again)

...

I have been running tests with IE 5 and IE 6 and am running into the same problem. If I set the CUF to expire the cookies after the browser session, I can view the first page on my site, but if I go to another link within the same site/level I get thrown back to the authorization page and zope thinks I am an anonymous user. This is with the expiration set to end after the session.

Testing with Netscape, Galeon, or Opera works fine.

Anyone else see this? A colleague may have seen something similar:

He works on a Zope-CMF based portal. When he logs in from deep inside the portal, he looses the authentication cookie when he later visits pages higher up in the portal.

This is normal behaviour when the "setCookie" call does not contain a "path" parameter. However, when I tried to reproduce the behaviour, I have been unable to do so. The difference: while I work with Netscape/Konqueror my colleague uses IE (5.5).

_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )