[Zope-CMF] how does Members folder force login?
Tres Seaver
tseaver@palladion.com
Wed, 18 Jul 2001 07:33:04 -0400 (EDT)
On Tue, 17 Jul 2001, marc lindahl wrote:
>
> > If you try to view something for which you don't have the permission,
> > Zope throws an Unauthorized exception, which generates a basic
> > authentication box.
>
> Sometimes... other times it gives you the (hard-coded) Unauthorized error
> page.
>
> > The CMF has a CookieCrumbler in it, which
> > intercepts the exception, and redirects to a login form instead. So
> > check out the cookie crumbler.
>
> Sure, I see where it does that in standard_html_header, but then I don't see
> anything special about the Security settings for the Members folder...
The 'roster' method, which functions as the default view for the
'Members' folder, calls a protected method on the 'portal_membership'
tool; the 'Members' folder therefore doesn't require any special
permission settings.
Tres.
--
===============================================================
Tres Seaver tseaver@digicool.com
Digital Creations "Zope Dealers" http://www.zope.org