[Zope-CMF] How to make your CMF portal "Members Only"

Ausum Studio ausum_studio@hotmail.com
Mon, 19 Aug 2002 04:58:06 -0500


Chris Withers wrote:
> Tweaking permissions is definitely the way to go :-)
(...)
> > ¿Has anyone found a better way to deny all kind of access to a CMF site,
> > except to previously registered members?
>
> You probably also want to look into tweaking the permissions on your CMF
Site
> object so only memebrs can 'View' and 'Access contents information'...


I tried that and, as I said, the result is a browser's hung-up (IE and
Opera). Fortunately Mozilla did have an error message: "Redirection limit
for this URL exceeded. Unable to load the requested page". What apparently
happens is that the missing authorization redirects the request to the
"login_form" URL instead of the browser's login prompt, but due to any
method can't be viewed by anonymous users, it is again redirected to itself
thus starting the redirection loop.

There shoud be a way to effectively restrict access to a CMF object except
to one single login-form method. Or maybe to modify the redirections'
behaviour, enabling CMF to run without calling its contained "login_form" at
the login time, just to priorize the browser's prompt.




Ausum