[Zope-dev] Redirection and Authentication
Christian Scholz
cs@comlounge.net
Tue, 29 Aug 2000 23:36:46 +0200
Hi!
I had a little problem and just wanted to ask if someone knows an explanation..
The goal:
I want to show a list of newsitems to the user. If an administrator wants
to change it he should be able to log in and see the same list but with edit-
buttons.
The setup is:
/folder/list - public accessible dtml method which show the list
/folder/edit - protected dtml method
The edit method is protected so that the login requester pops up and asks
for a passwort.
Originally I was simply redirecting back to the list page inside the edit document by
<dtml-call "RESPONSE.redirect('...../list')">
(the only line in the document)
In list I then check for a login with
<dtml-if "REQUEST['AUTHENTICATED_USER'].has_permission('whatever',this())">
.. show edit button here ...
</dtml-if>
The problem is now that after the Redirect AUTHENTICATED_USER is again set to
Anonymous (which I tested by printing AUTHENTICATED_USER). If I do no redirect
but put a normal link back to the list document, everything works as expected
(thus showing the edit button).
So has anyone an explanation? (Version is 2.2.0)
(right now I directly include the list again in the edit document by
using dtml-var. Works for this little thing but I assume this only being
a workaround..)
(I also remember having some strange problems with a redirect from python some
time ago. Back then it did not commit the database transaction in Oracle. After
putting a get_transaction().commit() before the redirect made things work again.)
cheers,
Christian
--
Christian Scholz MrTopf@IRC
COM.lounge http://comlounge.net/
communication & design cs@comlounge.net