[Zope] UserFolder Alternate Login

Bill Anderson bill@libc.org
Fri, 05 Jan 2001 21:43:53 -0700


dlee@usol.com wrote:

> Zopatistas,
> 
> I need functionality that none of the UserManagers seem to address. I 
> need to allow a user to elect to log in (and set 
> AUTHENTICATED_USER) as opposed to have them access a restricted 
> resource to trigger cookie authentication. 

*Ahem* Actually, Membership *does* provide login/logout forms that do 
not require accessing a private section of a site.

> I am essentially limited to GUF because it's the only thing I can install 
> on my provider's system (I can't compile the LoginManager). Is there 
> a way to allow the user to login at will, and still get 
> AUTHENTICATED_USER set?

Ok, that's different.

Dead Simple way(tm):
Make page that *does* have a need for login. Put a link to it, call the 
link "login".
When they access the page, they wil not have permission to see it, and 
will thus be given a request for authentication, the logging them in part.

If you put this method in the root of your site, say calling it 'login' 
for an id, then you could put a link in your menuing system that calls 
it with an href of "login".

Then, in your 'login' method/page, you set it up to redirect back to the 
page they were on when they clicked the login link. There are several 
examples of this part around; search the Mailing List(s) archives.

Until such time as they do log in, the user will be 'Anonymous'. As 
such, you would make the appearance of the login link dependant on the 
AUTHENTICAT_USER having the Role 'Anonymous'.

Without using a cookie login system, you _must_ access a restricted 
resource, even if it just a redirect. That is how basic Authentication 
works. If you are using cookie login, there are HowTos on that around as 
well. You just show the user the login page.



Bill Anderson