[Zope] GenericUserfolder Authentication mysteries
Stuart 'Zen' Bishop
zen@cs.rmit.edu.au
Sat, 27 Nov 1999 16:14:09 +1100 (EST)
On Fri, 26 Nov 1999, Joachim Schmitz wrote:
This sounds like the same bug I've found with accessing the management
screens in certain ways, but in a form it will be easier for me to track
down.
I'll be looking at the outstanding issues in GUF either tomorrow or Monday
and hopefully have a new beta out by Wednesday with everything fixed :-)
> I have the following site-structure:
>
> root
> acl_users (standard Authentication)
> client
> |----- acl_users (Generic User Folder cookie auth)
> |----- index_html
> |----- bearbeiten (DTML-Method accesses EinAusgabe)
> |----- delete (ZSQL-Method)
> |----- data
> |---- index_htlm
> |---- table1
> |----- EinAusgabe (TinyTable)
> |----- index_html
>
> When I now access
>
> client/data/
> the Genericuser authentication dialog comes up, I enter username and
> password for user1, which has the roles Manager,Owner and Anonymous.
> Then the index_html page is displayed, which has link to:
>
> table1/bearbeiten
>
> DTML-method bearbeiten uses the TinyTable, which has all anonymous
> access unchecked, and is only accessable to Manager and Owner
>
> Now the apache authentication box pops up ??? when I cancel it,
> I get Zope-Error you are not allowed to access EinAusgabe.
>
> When I allow the anonymous access to EinAusgabe it works.
>
> Apparently the Genericuser does not use his roles. Any hint is
> apreacheated.
--
___
// Zen (alias Stuart Bishop) Work: zen@cs.rmit.edu.au
// E N Senior Systems Alchemist Play: zen@shangri-la.dropbear.id.au
//__ Computer Science, RMIT WWW: http://www.cs.rmit.edu.au/~zen