[Zope-dev] Problems with LoginManager form-based login

Phillip J. Eby pje@telecommunity.com
Wed, 24 May 2000 10:51:38 -0500


At 05:24 PM 5/24/00 +0300, Itamar Shtull-Trauring wrote:
>"Phillip J. Eby" wrote:
>
>> Make your root acl_users a LoginManager, with the loginForm there.
>> LoginManager will only allow "Anonymous" to log in if it is the root
>> acl_users.  This is how standard user folders behave, and *have to* because
>> of the way manage_workspace works, unfortunately.  Until/unless a new login
>> protocol is worked out in Zope, this is the workaround.
>
>But this user isn't even supposed to access manage_workspace - I just need
>it to access a PTK join_form so it can become a member.  
>
>I tried making loginForm on the top level display a dtml method
>customLoginForm (which contains the actual form), and then override it in
>the PTK folder, but it doesn't - it displays the one on the top level.  And
>I can't use the same loginForm in the whole site, because I may have  few
>portals, and I need the login form to say "if you are not a member you can
>join here".
>
>Any ideas?
>


This is a problem that apparently can only be solved by replicating
ZPublisher's backward walk, which is the wrong thing to do because the
traversal will be O(n^2).  Bleah.  I guess we'll have to do something like
Stuart Bishop's backward walk in the GUF, since any enhancement of the
ZPublisher architecture to handle login forms properly won't happen until
at least 2.2.

Meanwhile, I suppose Ty and I should try to come up with a proposal for
revising ZPublisher to be able to walk back on the user lookups but still
use the login form closest to the URL being accessed.