GUF & SQL login problems
Hi, I want to set up not-encrypted SQL login, using GenericUserFolder README, a walkthrough and GUF_SQL_crypt howto. After I installed GUF and created GUF-protected folder (i.e. before I made the changes described in GUF_SQL_crypt howto), I was able to log in as jorge:secret. After I made the changes, and try to login using correct username and password, the login dialog always reappears. Login is not possible. There are two things that I had to do differently than described in GUF_SQL_crypt howto: 1) The GenericUserFolder as installed did not flush. It complained about "safty value checkbox". But the manage_cache.dtml was using radiobutton instead of checkbox. So I patched it to use checkbox, and it flushed correctly. 2) I changed the change_password_report, because I do not want to use crypt. But since it is not called when I simply try to login, it should not matter. Anyway, here are my changes: I changed line: <dtml-if "_.crypt.crypt(password,'ab')==_['sequence-item'].real_password"> to this: <dtml-if "password==_['sequence-item'].real_password"> and also I changed this line: <dtml-call "REQUEST.set('password',_.crypt.crypt(first_password,'ab'))"> to this: <dtml-call "REQUEST.set('password',first_password)"> -- Milos Prudek
Milos Prudek wrote:
Hi,
I want to set up not-encrypted SQL login, using GenericUserFolder README, a walkthrough and GUF_SQL_crypt howto.
After I installed GUF and created GUF-protected folder (i.e. before I made the changes described in GUF_SQL_crypt howto), I was able to log in as jorge:secret.
After I made the changes, and try to login using correct username and password, the login dialog always reappears. Login is not possible.
Out of despair I changed the userAuthenticate to only have one line: <dtml-return "_.int('1')"> So GUF should always login anyone! But it does not. The log in web form dialog always reappears. Could it be something with permissions? When I followed GUF walkthrough I did exactly what I was told: For GUF itself (acl_users), disable all acquisition, and provide "Can Login and Logout" and "Access Contents" for the "Anonymous" role. That locked me out of GUF protected folder... So I added an extra step: I gave the "Manager" role all permissions... this step seems to be neccessary, but it is not in the README or walkthrough... And for the GUF-protected folder I did the same extra step of giving the Manager role all permissions... Maybe the ZSQL/method placement is at fault? The "specialrole" is defined at the Zope root folder (because the admin user is defined at the root folder, and I would not be able to assign proxy roles otherwise). All ZSQL methods are inside the GUF-protected folder. -- Milos Prudek
I want to set up not-encrypted SQL login, using GenericUserFolder README, a walkthrough and GUF_SQL_crypt howto.
Out of despair I changed the userAuthenticate to only have one line: <dtml-return "_.int('1')">
spent some 6 hours trying to get GUF working with postgresql... read all docs twelve times over... Any attempt tp log in results in the following log: 127.0.0.1 - - [03/Sep/2001:22:11:20 +0200] "POST /guftest/acl_users/loginSuccess HTTP/1.1" 302 7199 "http://localhost/guftest/index_html" "Mozilla/5.0 (compatible; Konqueror/2.1.1; X11)" 127.0.0.1 - - [03/Sep/2001:22:11:20 +0200] "GET /guftest/index_html HTTP/1.1" 500 2199 IN SPITE of userAuthenticate containing just <dtml-return "_.int('1')">... any attempt to access http://localhost/guftest/index_html displays the web login form... and when I enter ANY data, first http://localhost/guftest/acl_users/loginSuccess URL appears for a very short time, and then I'm back at http://localhost/guftest/index_html with the same empty weg login form. -- Milos Prudek
Milos Prudek writes:
I want to set up not-encrypted SQL login, using GenericUserFolder README, a walkthrough and GUF_SQL_crypt howto.
Out of despair I changed the userAuthenticate to only have one line: <dtml-return "_.int('1')">
spent some 6 hours trying to get GUF working with postgresql... read all docs twelve times over... Any attempt tp log in results in the following log:
127.0.0.1 - - [03/Sep/2001:22:11:20 +0200] "POST /guftest/acl_users/loginSuccess HTTP/1.1" 302 7199 That is a "redirect" -- not too bad.... "http://localhost/guftest/index_html" "Mozilla/5.0 (compatible; Konqueror/2.1.1; X11)" 127.0.0.1 - - [03/Sep/2001:22:11:20 +0200] "GET /guftest/index_html HTTP/1.1" 500 2199 That is a "Internal Server Error", quite bad!
Activate Zope logging by adding "STUPID_LOG_FILE=your_log_file" to the start of "z2.py". Look into this log file. I would expect a GUF error log entry.... Dieter
participants (2)
-
Dieter Maurer -
Milos Prudek