[Zope] check permission problem

Clemens Klein-Robbenhaar zope@zope.org
Fri, 6 Sep 2002 20:56:45 +0200 (CEST)


Hi John,

 [...]
 > Thanks -- you just forgot the () on getUserName.

oops :)

 > 
 > But I am still encountering some strangeness.
 > 
 > I am now doing 
 > 
 >       <dtml-if "_.SecurityGetUser().getUserName()=='Anonymous User'">
 > 
 > in standard_html_header and using the login_py with view set to manage
 > permissions as before.  I also calling 
 > 
 >       <dtml-var "_.SecurityGetUser().getUserName()">
 > 
 > just for debug purposes.
 > 
 > When I visit the main page from a newly loaded browser, it loads with
 > a Members Login button as expected and user name reported as
 > 'Anonymous User'.  When I click on the submit button, I get the
 > password box as expected, and enter in a user/passwd with manager
 > permissions.  Then I get redirected back to the referer as expected,
 > but the user name is still reported by the dtml-var call as 'Anonymous
 > User'.  Refresh doesn't help.

 ... but it seems one is logged in, as pressing the "login" button does
not cause a HTTP-auth window popping up,; nothing happens.

Its stupid, but I can see the logged in user, if I try: 

  http://nitace.bsd.uchicago.edu:8080/template/standard_html_header

i.e. things have no effect if You call the header from another DTML,
but calling the code directly works.

I admit I am puzzled. Maybe someone else having more Zen can explain
why authentification obtained by an called DTML-method is not visible
on the next request, if the DTML is called indirectly. (Maybe it's a
known Zope bug fixed log ago? Which version are You running?)


Cheers,
Clemens