[Zope-CMF] security and login problem
Tres Seaver
tseaver@zope.com
10 Sep 2002 09:31:31 -0400
On Mon, 2002-09-09 at 09:42, Casey Duncan wrote:
> A collector issue should be files re this. I know several people here have
> expressed a desire to fix it. I just think it has slipped through the cracks.
> At least it has some chance in the collector.
This is actually a result of introducing the crappy 'MS-Author-Via'
headers by default into Zope's WebDAV support; this modification was
added in order to permit Word to edit Zope documents, but screws up lots
of other stuff. We should make these headers optional, with a knob to
enable them.
> On Friday 06 September 2002 07:54 am, Chris Withers wrote:
> > Welcome to hell ;-)
> >
> > Kelley, Sean wrote:
> > > I am running CMF 1.3 and Zope 2.5.1 on a windows 2000K box. I have folder
> > > managers adding word documents and other files to this folder which
> > > anonymous users can view. When an anonymous user tries to open a file,
> they
> > > get a network login box popup. If they click cancel, the file will load.
> > > Why is this happening? I try viewing the files as an anonymous user and
> > > this does not happen. Users are using IE browsers v 5 and 5.5.
> >
> > Try these threads:
> > http://lists.zope.org/pipermail/zope-coders/2002-January/000619.html
> > http://mail.python.org/pipermail/zope/2002-January/106939.html
> >
> > This blows, and there have been lots of attempts to start a discussion about
> a
> > fix for it. I think Tres was one of the last people to raise issues about
> this
> > suckiness, so he'll no doubt comment
> >
> > Sadly, nothing, to my knowledge, has ever been down about this suckage :-(
> >
> > cheers,
> >
> > Chris
> >
> > PS: I have a brutal patch against Zope 2.5 that solves this provided you
> never
> > want to use any M$ applications to _author_ content.
Tres.
--
===============================================================
Tres Seaver tseaver@zope.com
Zope Corporation "Zope Dealers" http://www.zope.com