[Zope] Assigning a Role Based on IP Address (domain)
David Legg
d.legg@ncl.ac.uk
Wed, 4 Jul 2001 16:18:44 +0100
Hi all,
I want to assign a user a role based on their IP address or domain. Looking
through the Zope book this seemed fairly straightforward but I can't get it
to work. The folder I am doing this in is one up from the root level, so I
can then lock things down from this folder up. This is what I did:
1. Created a new role called internalUser
2. Created a new user called anon, but didn't fill in the password fields,
specified the domain as *.mydomain.com and selected the role as
internalUser.
3. Created a DTML document (no security assigned) and did a <dtml-var
"AUTHENTICATED_USER.getRoles()"> to see what role was being assigned.
When I log into the document anonymously it still displays the role as
anonymous - yes I am in the right domain. When I set the security settings
to lock out anonymous but enable internalUser to view the page it still
prompts for a username and password - even though I didn't specify a
password. Looking at the user anon in acl_users the password field is filled
even though I didn't specified password - is this normal? Strangely when I
give this user a password and log in the ip/domain restriction works - there
must be something going amiss somewhere..
The reason why I would like to do it this way is so that I can conditionally
show/hide parts of a page based on this role just to give you some context -
provided it assigns the right role based on domain/ip!
If someone could provide some step by step instructions as to how they did
this (I cannot for the life of me see what I'm missing) and a possible
workaround perhaps using REMOTE_ADDR - I would dearly like to avoid this!
Thank you in advance
David