user log-ins not persisting
I have a situation where Zope log-ins only seem to be recognized by the first page viewed after the user logs in. I have only been able to duplicate this in Mozilla I'm using the following if-logic to check if a user is logged in and selectively display content. <dtml-if "AUTHENTICATED_USER.getUserName() == 'Anonymous User'"> For the first page after they authenticate this tests false, yet on subsequent pages it tests as true... Any Ideas on what's happening here? Much appreciated. -- David
David Siedband wrote at 2003-9-9 10:47 -0700:
I have a situation where Zope log-ins only seem to be recognized by the first page viewed after the user logs in.
I have only been able to duplicate this in Mozilla
HTTP Authentication is quite a difficult terrain... The HTTP 1.1 specification does not strictly require a browser to send authentication information in a request unless challenged by an Unauthorized (401) response. It says, a request *should* send authentication information automatically for a subhierarchie when an URL in the root folder of this hierarchy required authentication. If a browser follows the "should", an authentication at Zope's root folder authenticates you everywhere. However, an authentication below the root folder only authenticates you in the respective subhierarchy. If the browser does not follow the "should", then only objects not accessible by "Anonymous" will see any authentication. If this is a problem for you, leave HTTP authentication and switch over to cookie authentication (by means of CookieCrumbler). Dieter
participants (3)
-
Chris Withers -
David Siedband -
Dieter Maurer