[Zope] check permission problem
Clemens Klein-Robbenhaar
zope@zope.org
Fri, 6 Sep 2002 20:56:45 +0200 (CEST)
Hi John,
[...]
> Thanks -- you just forgot the () on getUserName.
oops :)
>
> But I am still encountering some strangeness.
>
> I am now doing
>
> <dtml-if "_.SecurityGetUser().getUserName()=='Anonymous User'">
>
> in standard_html_header and using the login_py with view set to manage
> permissions as before. I also calling
>
> <dtml-var "_.SecurityGetUser().getUserName()">
>
> just for debug purposes.
>
> When I visit the main page from a newly loaded browser, it loads with
> a Members Login button as expected and user name reported as
> 'Anonymous User'. When I click on the submit button, I get the
> password box as expected, and enter in a user/passwd with manager
> permissions. Then I get redirected back to the referer as expected,
> but the user name is still reported by the dtml-var call as 'Anonymous
> User'. Refresh doesn't help.
... but it seems one is logged in, as pressing the "login" button does
not cause a HTTP-auth window popping up,; nothing happens.
Its stupid, but I can see the logged in user, if I try:
http://nitace.bsd.uchicago.edu:8080/template/standard_html_header
i.e. things have no effect if You call the header from another DTML,
but calling the code directly works.
I admit I am puzzled. Maybe someone else having more Zen can explain
why authentification obtained by an called DTML-method is not visible
on the next request, if the DTML is called indirectly. (Maybe it's a
known Zope bug fixed log ago? Which version are You running?)
Cheers,
Clemens