[Zope-CMF] Forcing skins by role

Paul Winkler pw_lists@slinkp.com
Sun, 25 Aug 2002 13:12:21 -0700


On Sun, Aug 25, 2002 at 08:22:51AM +0200, Dieter Maurer wrote:
> "AUTHENTICATED_USER" is initialized even a bit later than
> the security context.

Yes, I'd deduced as much, as you've read by now.

> What you can try:
> 
>   Force authentication inside your access rule (by calling
>   the corresponding 'validate' method (probably of CookieCrumber)).

Which means I'd have to change it if I ever changed
the validation method... not very portable.

>   This can work as long as you do not have subsites with their own
>   "acl_users".

This is sounding much too fragile. Interesting idea, though.
--

Paul Winkler
"Welcome to Muppet Labs, where the future is made - today!"