[Zope] AUTHENTICATED_USER?

Guy Davis davis@arc.ab.ca
Mon, 14 Feb 2000 09:58:26 -0700 

Thanks for this response.  I saved it for a while but recently got
around to following your suggestions.  I set this up so that
AnonymousDomainUser is available at the top level folder.  Then in
/Projects/TestProject, I have a whole set of other users as there is no
anonymous access to TestProject.  When some from the right domain brings
up the root folder, they match to AnonymousDomainUser but when they try
to bring up TestProject, their username and password are consistently
rejected.

If I then go back to the security panel of the root folder and give the
Anonymous role just the capability to view, they can then login properly
and access TestProject, but then I have lost the domain filtering on
anonymous viewers.

Is there some way to have both anonymous domain-restricted access and
also certain directories with only authorized-user access?  Thanks.

Martijn Pieters wrote:
> 
> Yes. You can make a new Role, let's call it DomainUser. You give this
> Role all privileges that the Anonymous Role has, and you revoke all
> rights from the Anonymous Role.
> 
> Now you create a new user, and call this AnonymousDomainUser. This user
> you give _no_ password, just leave the password fields blank. You do
> specify the domains however; it is a space separated list of domain
> specs, where each domain spec can be either a domain name, or an IP
> address, where wildcards can be used anywhere between the dots. For
> example: *.zope.org *.digicool.com 192.8.*.* is a valid domain spec. And
> you also give the user the DomainUser Role.
> 
> Now, as soon as a visitor comes to your site from a domain that matches
> the domain spec, Zope will, without asking for a password, match him
> against the AnonymousDomainUser User, give him the DomainUser Role, and
> grant that visitor access.
> 
> Anyone from any other domain will be prompted for a username and
> password.
> 
> --
> Martijn Pieters, Software Engineer
> | Digital Creations http://www.digicool.com
> | Creators of Zope      http://www.zope.org
> | mailto:mj@digicool.com       ICQ: 4532236
> | PGP:
> http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149
> -------------------------------------------

-- 
       Guy Davis    mailto:davis@arc.ab.ca
  (403) 210-5334    Alberta Research Council