[Zope] Authenticated user in Session onAdd methods?

Julian Melville jmelville@selectaustralasia.com.au
Mon, 2 Sep 2002 17:46:29 +1000


If the object which is calling the SecurityGetUser().getUserName() is
accessible anonymously (i.e. user doesn't have to be authenticated to vie=
w)
then Zope always appears to return 'Anonymous User' even if the user has
logged in.

If you add some security on the item (say, remove  View privilege for the
anonymous user) then all of a sudden you will get the correct user info
returned.

I think this is very weird, but came across it myself last week. (2.5.1 o=
n
Windows 2000)

Dieter wrote:
> The session may be created too early, before authentication.

In my case, I'm not doing this when/before the session is created, in fac=
t I
can switch permissions back and forth on a test script and reload it over
and over, and get different results. If the script doesn't require a logi=
n,
then you can't get anything more than Anonymous User out of it...

Can anyone else confirm if this is a bug? I had a browse around the
Collector but couldn't see anything.

Julian.


> Hello zopistas,
>
> I want to incluye some default values in a session data container when
> it instantiates.
>
> I created a python script that called when new session is created. The
> problem is hat I need to know the user name in order to setup the
> default session values.
>
> For example:
>
> sdo['UserName'] =3D <way to obtain the username>
>
> I tried:
> sdo['UserName'] =3D _.SecurityGetUser().getUserName()
> and the result is always "Anonymous User" even if I am logged as an
> authenticated user.
>
> Thanks.
>
> Juan Carlos Coru=F1a
>
> jcoruna@ibdosnorte.com
>