[Zope-PTK] Adding LoginManager at the root

Kevin Dangoor kid@kendermedia.com
Tue, 16 May 2000 10:53:26 -0400


----- Original Message -----
From: "Tres Seaver" <tseaver@palladion.com>
To: "Kevin Dangoor" <kid@kendermedia.com>
Cc: <zope-ptk@zope.org>
Sent: Monday, May 15, 2000 11:28 PM
Subject: Re: [Zope-PTK] Adding LoginManager at the root


> Kevin Dangoor wrote:
> >
> > I'd like to replace my main acl_users folder with a LoginManager.
> > Logged in as the superuser, I'm able to delete the acl_users folder
> > and then add an acl_users LoginManager. However, I'm not able to add
> > a UserSource or SheetProvider, because "Objects cannot be owned by
> > the superuser".
>
> Jim just checked in changes today to fix the bootstrapping problem
> caused by the new security problem.  If you are using CVS, then a
> 'cvs update -A' in the lib/python/AccessControl folder would probably
> fix this.

I just did this. The trouble is that LoginManager comes with default DTML
methods for logging in and failed logins which can't be created by superuser
If I try to add SheetProviders or anything to the LoginManager, it fails
with that error mentioned above.

Trying to replace the root acl_users is a unique case... because only the
superuser can do so... a UserFolder doesn't have anything complicated to
setup, but LoginManager does. Perhaps changes need to be made to
LoginManager to make it easier to add to the root. (It could possibly create
an initial user with Manager role that can own the DTML methods and
sheetproviders...)


> > Has anyone tried adding a LoginManager at the root? I'm thinking that
> > I can probably work around this by building up a new LoginManager
> > elsewhere (logged in as something other than superuser), and then
> > move that LoginManager to the root...
>
> Cut-and-paste is not supposed to change ownership, so perhaps that would
> work.  I'd still go for updating from CVS, though.

This method will probably work, methinks.

Kevin