[Zope] Making sure all users are authenticated

David Goodenough david.goodenough@btconnect.com
Fri, 29 Jun 2001 11:23:33 +0100


This is a multi-part message in MIME format.
--------------F1C0E56FBB61C87FB5237FF5
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

I should preface this question with a little background.  I come from a
Lotus Domino world
where all users are authenticated (not the web interface which allows
anonymous but the
client interface).  I need to do something similar in a Zope
environment, that is to say that
I want to be sure that all users have authenticated themselves and that
the scripts can
find out who they are, but I do not want to make them Managers or
Owners.

I suppose that the answer to this is to create a new role (say "User")
and make sure that
all the users are enroled in that role and then only allow users with
that role to view the
objects that I wish to control in this manner.

I am relatively new to Zope, and have read the manual, but I am none the
wiser either as
to whether this is the right approach, or as to how I go about  adding
such a new role and
then how I add such a security filter so that only users with this role
can access the
objects, there only seems to be controls for Anonymous, Manager and
Owner.

--------------F1C0E56FBB61C87FB5237FF5
Content-Type: text/x-vcard; charset=us-ascii;
 name="david.goodenough.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for David Goodenough
Content-Disposition: attachment;
 filename="david.goodenough.vcf"

begin:vcard 
n:Goodenough;David
x-mozilla-html:FALSE
org:D.G.A. ltd
adr:;;;;;;
version:2.1
email;internet:David.Goodenough@DGA.co.uk
x-mozilla-cpt:;0
fn:David Goodenough
end:vcard

--------------F1C0E56FBB61C87FB5237FF5--