[Zope] userdb: popup widow when auth fail [Q]

Bruno Mattarollo brunomadv@ciudad.com.ar
Sat, 8 Jan 2000 13:08:12 -0300


Hello...

	I am a site where I use UserDB (with cookie-authentication) to validate users.

	I have a folder where I placed an index_html file that contains something like this:

<dtml-if "AUTHENTICATED_USER.getUserName()=='Anonymous User'">

<dtml-call "RESPONSE.setBase('http://izote.infosys.com.ar/Zope/research/acl_users')">
<dtml-with acl_users>
     <dtml-var docLogin>
</dtml-with>


<dtml-else>

... [ the document goes here ] ...


I have tryied setting up the permissions on the "research" folder and unchecked the "Acquire permissions" from the "security tab" for the "Access content", "FTP Access" and "View". I have two local roles "Member" and "Client", I checked the combos for this two roles. I also selected the "Manager" role in the "proxy" tab of the docLogin DTML from the UserDB acl_users folder. When I try to access the URL http://izote.infosys.com.ar/Zope/research/ I get the following traceback:

<!--
Traceback (innermost last):
  File /export/home/bmatt/iPersonal/lib/python/ZPublisher/Publish.py, line 214, in publish_module
  File /export/home/bmatt/iPersonal/lib/python/ZPublisher/Publish.py, line 179, in publish
  File /export/home/bmatt/iPersonal/lib/python/Zope/__init__.py, line 201, in zpublisher_exception_hook
    (Object: ElementWithAttributes)
  File /export/home/bmatt/iPersonal/lib/python/ZPublisher/Publish.py, line 151, in publish
  File /export/home/bmatt/iPersonal/lib/python/ZPublisher/BaseRequest.py, line 426, in traverse
  File lib/python/Products/UserDb/UserDb.py, line 289, in validate
    (Object: RoleManager)
  File lib/python/Products/UserDb/UserDb.py, line 284, in cookie_validate
    (Object: RoleManager)
LoginRequired: (see above)

-->

What I am doing wrong? If I don't uncheck all the "Acquire permissions" from the security tab of the folder I can use the login, because I am doing the "dtml-if" statement on the DTML-document, but I presume that's not the way it's suposed to work. My docLogin file uses the <dtml-var standar_html_header> tags, that's why I put the "proxy" role.

The problem that's annoying me, and that's why I am asking this question, is that with my method (the dtml-if in the index_html) whenever a user put's a wrong user/password, he/she gets the pop-up window prompting for user/password. I do not want that to happen.

Can someone give me a hint on what I am doing wrong?

TIA


/B

Bruno Mattarollo <brunomadv@ciudad.com.ar>