[Zope-dev] Zope security alert and 2.2 information
Brian Lloyd
Brian@digicool.com
Wed, 10 May 2000 11:06:43 -0400
> Which does bring be back to the question of what is the relationship
> between the 'nobody' user and the 'Anonymous' user.
They are different names for the same thing. When you visit a
(Zope) site without credentials, you are visiting as the
Anonymous/nobody user. 'Anonymous User' is the name that you
see in Zope UI (for example in undo logs if the AU ever does
something that causes a transaction). Internally in the Zope
code, this user is known as 'nobody'. To be exact, the
username attribute of the nobody user is 'Anonymous User'.
> Currently, if you could re-authenticate as the Annonymous user, all
> would be good with the world ;-)
>
> Unfortunately, I don't think you can...
It can be hard (esp. with Basic or Digest authentication). With
cookies its not as difficult, but it would be much better if
there were a way that worked for all of these.
Brian Lloyd brian@digicool.com
Software Engineer 540.371.6909
Digital Creations http://www.digicool.com