[Zope-PTK] Adding LoginManager at the root
Dan L. Pierson
dan@sol.control.com
Tue, 16 May 2000 09:01:16 -0400 (EDT)
Tres Seaver writes:
> Kevin Dangoor wrote:
> >
> > I'd like to replace my main acl_users folder with a LoginManager.
> > Logged in as the superuser, I'm able to delete the acl_users folder
> > and then add an acl_users LoginManager. However, I'm not able to add
> > a UserSource or SheetProvider, because "Objects cannot be owned by
> > the superuser".
Aha! This was the clue I needed. I just wasted 2 days trying to
install a LoginManager as a user with Manager role instead of as
superuser (on Zope 2.1.6). Am I the only one who does all site
building as a Manager? I thought that was the way it was supposed to
be done (yes, I use sudo in Linux instead of logging in as root too).
While I learned a lot about LoginManager in the process, I'm now
pretty convinced that it is impossible to install as Manager. The
visible symptom is that you are immediately presented with a default
login form with a bogus action url. Details:
- loginForm is called from the end of LoginManager.validate EVEN IF
you unchecked the box to create the default loginForm. I don't
understand this because hasattr(self, 'loginForm') should return false
if that box isn't checked.
- Given a test folder at
http://xxx.yyy.zzz/login_manager_tester/ltester, SCRIPT_NAME is '' and
PATH_INFO is //login_manager_tester/ltester. This makes the form's
action '//login_manager_tester/ltester'. All of this happens exactly
the same whether or not the default login form was enabled. All of
this also happens exactly the same whether I try to access the folder
logged in as a Manager or not logged in.
Now, obviously something else is bogus because validate shouldn't have
gotten all the way down to the last gasp case anyway. All I guess at
this point is that it's something to do with superuser vs. Manager
role permissions. Any clue as to what?