[Zope-dev] Authentication Patch

[Evan Simpson]

----- Original Message -----
From: Anthony Baxter <anthony@interlink.com.au>
> Should auth behave this way, tho? Should a top level acl_users take
> precedence over a lower level one?

It doesn't, or at least not entirely  Don't forget that a *successful*
authenticate on the inner acl_users will stop the entire process right
there.  It's only *unsuccessful* authentications which propagate to higher
levels.  If you have two levels of cookie-based authentication, then the
outer one will get it's page shown, of course.  That sort of behavior could
be made into a switch on, say, a GUF so that you can tell it whether to
defer to contained GUFs or not.

Cheers,

Evan @ 4-am