[Zope] cookies don't obey me

Roland Reumerman zope_ddi@hotmail.com
Mon, 09 Oct 2000 13:22:29 CEST


I've been experiencing two problems with cookies from Zope:

1) When I set a cookie with the path set to the root
   <dtml-call "RESPONSE.setCookie('account',AUTHENTICATED_USER,path='/')">
I'm still not able to click through to another hyperlink once I'm logged in, 
i.e., I've used www.ddi.nl/support to go the password protected Zope site, 
logged in as a customer, and from there I can choose other parts of the site 
(below .../support/). However, www.ddi.nl is an alias of 
www.datadistilleries.com (the actual name): as a result it asks me for the 
password again. I thought setting the path to '/' would convince Zope I'm 
authorized, but apparently it's not the case.

2) This might be related to 1. I've created a logout link on the 
.../support/index_html page, which looks as follows:
<dtml-call "RESPONSE.expireCookie('account',path='/')">
<dtml-call 
"RESPONSE.redirect('http://www.datadistilleries.com/support.html?section=m6&envelope=6')">
However, once I've been redirected I can still access the password protected 
.../support/ site without Zope asking me for a login name.

Now, I'm not 'cookie guru', so please don't tell me how stupid it is of me 
that I didn't think of this or that to make it work. I did do my background 
research homework though!

Thanks for reading this far ;-).

RCR


_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.