[Zope-dev] PAS CookieAuthHelper and insufficient privileges

Wichert Akkerman wichert at wiggy.net
Tue Oct 12 03:39:25 EDT 2010


On 10/12/10 02:21 , Laurence Rowe wrote:
> I'm currently implementing single sign on across Plone sites but have
> run into a bit of an issue with the CookieAuthHelper.
>
> Unauthorized accesses are redirected to its login_path attribute even
> when a user is already logged in. Plone works around this with a
> require_login script that traverses to insufficient_privileges (rather
> than login_form) when the user is not anonymous.
> http://dev.plone.org/plone/browser/Plone/trunk/Products/CMFPlone/skins/plone_login/require_login.py

The result is still nasty since it means the unauthorized error will 
always consider the user to be unauthenticated. I've implemented a 
workaround in NuPlone to fix that, see 
http://svn.plone.org/svn/collective/NuPlone/trunk/plonetheme/nuplone/skin/error.py 
. Perhaps something based on that will work for you as well.

Wichert.


More information about the Zope-Dev mailing list