[Zope] How to prevent access to Ananymous User?

Thierry FLORAC thierry.florac@onf.fr
Tue, 11 Mar 2003 11:47:28 +0100


On Tuesday 11 March 2003 11:06, K.Praveen Kumar wrote:
> Dear Thierry FLORAC,
>      If I do what you said then It is popup a Screen asking
> for login and password. It is taking anything you enter and
> logging in as "Anonimous User". If you require I'll send
> you the URL of the site where you can understand the
> problem and help me out.
>      My problem is While accessing the web pages. Not in
> the Zope directories. If I use "ex User Folder" for
> authentication it will create a "acl_user" folder. If we
> are attempting to access the directory (Where we have
> created acl_user folder) that will redirect to the Login
> Page. After Logging in only it'll agsin redirect to the
> Home page.
>       In my case it is not happening. It is directly taking
> the user as "Anonimous User" and showing up. How should I
> get that.

A correct acl_user folder have to be defined at the root of your site for 
authentication to work correctly. And if your user folder allows you to login 
with any authentication username/password, you may have something 
misconfigured.
What can also occur when you restrict access on only a few number of pages, is 
that :
 - after the first required authentication on login page, some browsers will 
continue to provide authentication parameters, even on public pages
 - but some of them will only provide the same authentication parameters on 
protected pages.
To handle such things and follow user's session correctly, you have to 
remember authentication parameters and use cookies and session machinery...

Thierry