[Zope-CMF] security and login problem
Kelley, Sean
SKelley@ci.santa-rosa.ca.us
Fri, 6 Sep 2002 08:22:11 -0700
This does *REALLY* suck. I am trying to implement a zope test intranet in a
pro microsoft shop and I really need a workaround for this. I cannot tell
general users to ignore a login box all the time because my "experimental"
server doesn't work right. I may want to patch it to stop this problem at
the expense of blocking MS app editing but would prefer not to because I
know we have a lot of die hard Front Page users who will want to start
editing once I get up to speed. I might be willing to only let dreamweaver
editors modify but that's more expensive, they must learn a new program, and
it seems to have its own issues working with Zope in the little I have
started to use it.
Sean
> -----Original Message-----
> From: Chris Withers [mailto:chrisw@nipltd.com]
> Sent: Friday, September 06, 2002 4:54 AM
> To: Kelley, Sean
> Cc: 'zope-cmf@zope.org'
> Subject: Re: [Zope-CMF] security and login problem
>
>
> Welcome to hell ;-)
>
> Kelley, Sean wrote:
> > I am running CMF 1.3 and Zope 2.5.1 on a windows 2000K box.
> I have folder
> > managers adding word documents and other files to this folder which
> > anonymous users can view. When an anonymous user tries to
> open a file, they
> > get a network login box popup. If they click cancel, the
> file will load.
> > Why is this happening? I try viewing the files as an
> anonymous user and
> > this does not happen. Users are using IE browsers v 5 and 5.5.
>
> Try these threads:
> http://lists.zope.org/pipermail/zope-coders/2002-January/000619.html
> http://mail.python.org/pipermail/zope/2002-January/106939.html
>
> This blows, and there have been lots of attempts to start a
> discussion about a
> fix for it. I think Tres was one of the last people to raise
> issues about this
> suckiness, so he'll no doubt comment
>
> Sadly, nothing, to my knowledge, has ever been down about
> this suckage :-(
>
> cheers,
>
> Chris
>
> PS: I have a brutal patch against Zope 2.5 that solves this
> provided you never
> want to use any M$ applications to _author_ content.
>