[Zope] acl_users and cookie crumbler login problem
Dieter Maurer
dieter@handshake.de
Mon, 17 Feb 2003 19:43:40 +0100
philrobinson wrote at 2003-2-16 19:25 -0000:
> Here's my ZODB structure:
>
> parent_folder
> -- child_folder_1
> -- child_folder_2
> ...
> If I put an acl_users and cookie_crumbler into 'parent_folder' (to allow a
> different
> group of people to manage at that level), however, it all goes wrong.
>
> With these present, the cookie paths from the above example become '/',
> which seems
> to indicate that they are being generated in the parent_folder rather than
> the relevant
> child one. And login fails; presumably because the username supplied for
> (say)
> 'child_folder_1' is not valid for 'parent_folder'.
I expect that "CookieCrumlers" cannot be nested (in the way, you did it).
CookieCrumber works by replacing "RESPONSE.unauthorized" to get
a hook to display its login form when authentication fails.
When you have several CookieCrumblers in a chain, all of them do this
and the top most one wins.
I fear, you would need to clean up CookieCrumber code.
Dieter