Re: [Zope] authentication problem
"Maybe it is time to patch Zope so that it is RFC standards conformant ??" I've posted a small patch on the list yesterday (http://lists.zope.org/pipermail/zope/2001-September/098965.html). manage_workspace verifies the roles against an Anonymous user and thus, it doesn't challenge the browser. The only method I found is to force manage_workspace to verify against an Authenticated user and the problem is gone. I think that it make sense to check the roles of the Authenticated user because by definition, the user must be authenticated to access the ZMI. But on the other hand, I don't know if I've done something wrong.
Someone should put the issue in the collector - any volunteers? :-) seb * Dominique.Dutoit@cec.eu.int <Dominique.Dutoit@cec.eu.int> [010904 12:58]:
"Maybe it is time to patch Zope so that it is RFC standards conformant ??"
I've posted a small patch on the list yesterday (http://lists.zope.org/pipermail/zope/2001-September/098965.html). manage_workspace verifies the roles against an Anonymous user and thus, it doesn't challenge the browser. The only method I found is to force manage_workspace to verify against an Authenticated user and the problem is gone. I think that it make sense to check the roles of the Authenticated user because by definition, the user must be authenticated to access the ZMI. But on the other hand, I don't know if I've done something wrong.
seb bacon wrote:
Someone should put the issue in the collector - any volunteers? :-)
Yoink! http://classic.zope.org:8080/Collector/2567/view Chris
participants (5)
-
Chris McDonough -
Chris Withers -
Dominique.Dutoit@cec.eu.int -
Jerome Alet -
seb bacon