[Zope-CMF] how does Members folder force login?

Tres Seaver tseaver@palladion.com
Wed, 18 Jul 2001 07:33:04 -0400 (EDT)


On Tue, 17 Jul 2001, marc lindahl wrote:

> 
> > If you try to view something for which you don't have the permission,
> > Zope throws an Unauthorized exception, which generates a basic
> > authentication box.
> 
> Sometimes... other times it gives you the (hard-coded) Unauthorized error
> page.
> 
> > The CMF has a CookieCrumbler in it, which
> > intercepts the exception, and redirects to a login form instead.  So
> > check out the cookie crumbler.
> 
> Sure, I see where it does that in standard_html_header, but then I don't see
> anything special about the Security settings for the Members folder...

The 'roster' method, which functions as the default view for the
'Members' folder, calls a protected method on the 'portal_membership'
tool;  the 'Members' folder therefore doesn't require any special
permission settings.

Tres.
-- 
===============================================================
Tres Seaver                                tseaver@digicool.com
Digital Creations     "Zope Dealers"       http://www.zope.org