[Zope] How to restrict anonymous access from my site
Chy Ty
chyty at hipt.com.vn
Fri Oct 24 23:00:20 EDT 2003
Dear Sir/Madam
My purpose is that every one want to access my site must be logon first.
Could you tell me how to restrict anonymous to access from my site.
Thank you
----- Original Message -----
From: <zope-request at zope.org>
To: <zope at zope.org>
Sent: Friday, October 24, 2003 11:18 PM
Subject: Zope Digest, Vol 3, Issue 44
> Send Zope mailing list submissions to
> zope at zope.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mail.zope.org/mailman/listinfo/zope
> or, via email, send a message with subject or body 'help' to
> zope-request at zope.org
>
> You can reach the person managing the list at
> zope-owner at zope.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Zope digest..."
>
>
> Today's Topics:
>
> 1. AUTHENTICATED_USER is not reliable! [Was: [Zope] become user
> (su inside Zope) - pretend to be another user] (Stefan H. Holek)
> 2. Re: Problems migrating site (Jesper Holmberg)
> 3. Re: [Plone-users] Re: A plea for equality => a play for
> diversity (laura trippi)
> 4. Re: AUTHENTICATED_USER is not reliable! [Was: [Zope] become
> user (su inside Zope) - pretend to be another user] (Jens Vagelpohl)
> 5. Permission with addFile module (McDonnell, Larry)
> 6. Re: Permission with addFile module (Paul Winkler)
> 7. RE: Permission with addFile module (McDonnell, Larry)
> 8. Re: return value treated as dtml? (Ted holden)
> 9. Re: Re: [Plone-users] Re: A plea for equality => a play for
> diversity (Philip Kilner)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 24 Oct 2003 10:35:58 +0200
> From: "Stefan H. Holek" <stefan at epy.co.at>
> Subject: AUTHENTICATED_USER is not reliable! [Was: [Zope] become user
> (su inside Zope) - pretend to be another user]
> To: bkc at murkworks.com
> Cc: zope at zope.org
> Message-ID: <563440625.1066991758@[172.16.8.4]>
> Content-Type: text/plain; charset=us-ascii; format=flowed
>
> Why is everybody so obsessed with AUTHENTICATED_USER? This variable is not
> suitable for anything deserving the name "security". It is NOT SAFE to
> assume that it will contain anything useful.
>
> This is even documented in the online help:
>
> SecurityGetUser() -- Return the current user object. This is
> normally the same as the 'REQUEST.AUTHENTICATED_USER'
> object. However, the 'AUTHENTICATED_USER' object is insecure since
> it can be replaced.
>
> To get the logged-in user call:
>
> SecurityGetUser() or
> getSecurityManager().getUser() or
> portal_membership.getAuthenticatedMember()
>
> and please forget about AUTHENTICATED_USER and the REQUEST as a source of
> trustable information in general.
>
> Stefan
>
>
> --On Donnerstag, 23. Oktober 2003 19:52 -0400 Brad Clements
> <bkc at murkworks.com> wrote:
>
> > I looked at newSecurityManager and it doesn't seem to set
> > request.AUTHENTICATED_USERS, so I do that too.
>
>
>
> --
> The time has come to start talking about whether the emperor is as well
> dressed as we are supposed to think he is. /Pete McBreen/
>
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 24 Oct 2003 11:54:25 +0200
> From: Jesper Holmberg <jesperh at dsv.su.se>
> Subject: Re: [Zope] Problems migrating site
> To: Plone-users List <plone-users at lists.sourceforge.net>, Zope List
> <zope at zope.org>
> Message-ID: <20031024095425.GW9964 at strindberg.dsv.su.se>
> Content-Type: text/plain; charset=us-ascii
>
> Thank you Derek, but this does not seem to be the problem. As I have
> exported/imported the whole Plone site, portal_actions are identical.
>
> Jesper
>
> * On Wed Oct 22, Wilson, Derek wrote:
> > Check to make sure that the portalActions match on both the servers.
> >
> > Thanks,
> > Derek Wilson
> >
> >
> > From: Jesper Holmberg [mailto:jesperh at dsv.su.se]
> > Sent: Wednesday, October 22, 2003 8:40 AM
> > To: Plone-users List; Zope List
> > Subject: [Zope] Problems migrating site
> >
> >
> > I am trying to move my Plone site to a different server. But when I
> > access some of the content on my site at the new location, I get error
> > messages.
> >
> > This is what I have done:
> >
> > 1. Installed Zope, CMF, Plone and all relevant Products I use on the new
> > server
> >
> > 2. Exported my Plone site in the ZMI of the old server, and imported it
> > in
> > the new server.
> >
> > 3. Ran the scripts found at
> > http://cmf.zope.org/Members/cleath/movePortal,
> > which supposedly updated the skins, and updated any ownership
> > information.
> >
> >
> > As an example, when I hit "my preferences", I get the errors:
> >
> > Site error
> > This site encountered an error trying to fulfill your request. The
> > errors were: Error Details Error Type AttributeError Error Value
> > getActions
> >
> > Obviously there is something which misses the attribute getActions, but
> > what does it mean?
> >
> > The backtrace from when I try to access "my preferences" goes like this
> > (sorry so long):
> >
> > Traceback (innermost last):
> > Module ZPublisher.Publish, line 98, in publish
> > Module ZPublisher.mapply, line 88, in mapply
> > Module ZPublisher.Publish, line 39, in call_object
> > Module Shared.DC.Scripts.Bindings, line 252, in __call__
> > Module Shared.DC.Scripts.Bindings, line 283, in _bindAndExec Module
> > Products.PageTemplates.ZopePageTemplate, line 228, in _exec Module
> > Products.PageTemplates.PageTemplate, line 95, in pt_render
> > <ZopePageTemplate at /wlplone/personalize_form> Module
> > TAL.TALInterpreter, line 200, in __call__ Module TAL.TALInterpreter,
> > line 244, in interpret Module TAL.TALInterpreter, line 703, in
> > do_useMacro Module TAL.TALInterpreter, line 244, in interpret Module
> > TAL.TALInterpreter, line 726, in do_defineSlot Module
> > TAL.TALInterpreter, line 244, in interpret Module TAL.TALInterpreter,
> > line 669, in do_condition Module TAL.TALInterpreter, line 244, in
> > interpret Module TAL.TALInterpreter, line 669, in do_condition Module
> > TAL.TALInterpreter, line 244, in interpret Module TAL.TALInterpreter,
> > line 414, in do_optTag_tal Module TAL.TALInterpreter, line 399, in
> > do_optTag Module TAL.TALInterpreter, line 394, in no_tag Module
> > TAL.TALInterpreter, line 244, in interpret Module TAL.TALInterpreter,
> > line 669, in do_condition Module TAL.TALInterpreter, line 244, in
> > interpret Module TAL.TALInterpreter, line 668, in do_condition Module
> > Products.PageTemplates.TALES, line 220, in evaluate
> > URL: /wlplone/personalize_form
> > Line 492, Column 12
> > Expression: standard:'personal'
> > Names:
> > {'container': <PloneSite instance at 9383130>,
> > 'default': <Products.PageTemplates.TALES.Default instance at
> > 0x873476c>,
> > 'here': <PloneSite instance at 9383130>,
> > 'loop': <SafeMapping instance at 9423980>,
> > 'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter
> > instance at 0x873490c>,
> > 'nothing': None,
> > 'options': {'args': ()},
> > 'repeat': <SafeMapping instance at 9423980>,
> > 'request': <HTTPRequest,
> > URL=http://130.237.161.108/wlplone/portal_form/personalize_form>,
> > 'root': <Application instance at 92d91c0>,
> > 'template': <ZopePageTemplate at /wlplone/personalize_form>,
> > 'traverse_subpath': [],
> > 'user': Pepsi}
> > Module Products.PageTemplates.Expressions, line 206, in __call__ Module
> > Products.PageTemplates.Expressions, line 201, in _eval Module
> > Products.PageTemplates.Expressions, line 108, in render Module
> > Products.CMFPlone.PloneFolder, line 89, in __call__ Module
> > Products.CMFPlone.PloneFolder, line 180, in _getViewFor
> > AttributeError: getActions
> >
> >
> > What is missing?
> >
> > TIA,
> >
> > Jesper
> >
> > _______________________________________________
> > Zope maillist - Zope at zope.org
> > http://mail.zope.org/mailman/listinfo/zope
> > ** No cross posts or HTML encoding! **
> > (Related lists -
> > http://mail.zope.org/mailman/listinfo/zope-announce
> > http://mail.zope.org/mailman/listinfo/zope-dev )
>
>
>
> ------------------------------
>
> Message: 3
> Date: Fri, 24 Oct 2003 02:11:58 -0700
> From: laura trippi <latrippi at sfu.ca>
> Subject: [Zope] Re: [Plone-users] Re: A plea for equality => a play
> for diversity
> To: plone-users at lists.sourceforge.net
> Cc: alan runyan <runyaga at runyaga.com>, zope at zope.org
> Message-ID: <1E989642-0602-11D8-BE8F-000A278FD74C at sfu.ca>
> Content-Type: text/plain; charset=US-ASCII; format=flowed
>
> Alan's already answered this with his usual diplomacy -- and wisdom
> beyond his years. =}
>
> But since I edited "he" to "s/he" during my talk at the Plone
> conference (right there in front of everyone!), I thought maybe I ought
> to reply, too. I've also been hanging out a fair amount on #plone.
>
> In his "Future of Plone" talk, Paul said: "hello sexy plone people." He
> also said, "thank you sexy plone people." It's hard to capture exactly
> what it is that sparkles about Plone, but I thought that was really
> apt. Surprising for a developer community, no?
>
> There's a difference between "sexy" and "sexist." In many
> circumstances, sexism expresses itself precisely by repressing
> difference, gender, and sexuality. The aesthetics of Plone and the
> creativity of the Plone community are bound up w/something else -- an
> unconventional attitude and ethos that some might find shocking at
> times, I suppose.
>
> I don't condone sexist attitudes or behavior. I either avoid them or
> make a fuss. I don't know what Dave's email was about, exactly. But
> "pleas for equality" make me squeamish. I prefer plays for diversity --
> and, in my experience, the Plone community, esp. including #plone,
> could hardly be more welcoming in that regard.
>
> My concern is this: If people start acting all p.c. on #plone --
> goodbye sexy plone community.
>
> best,
>
>
> ::laura trippi
>
> On Tuesday, October 21, 2003, at 11:33 AM, alan runyan wrote:
>
> > Hi.
> >
> > I deeply apologize. There is a world wide community. Mostly dominated
> > by men. But 10% of the Plone Conference was women. So I would suggest
> > any female who feels uncomfortable about someone's language to contact
> > me. I will do my best to address the problems. Also it doesnt take
> > very much of someone to say, "I dont appreciate your sexist remark."
> > And usually people will apologize. Please speak out and curb the
> > community away from sexist remarks. If there are any problems
> > you may contact me personally. Of course it would be best if you
> > emailed the person offline with your frustration before bringing it
> > to the mailing list or me.
> >
> > cheers,
> > alan runyan
> >
> >> I have come across something that I think most people have come
> >> across before in IT .. and in general .. something called sexism.
> >> Something a female zopista told me today tipped me over the edge to
> >> write this .. it's something I have seen myself on plenty of
> >> occassions ...
> >>
> >> No this is not something 'rampant' in the community .. just something
> >> that happens occassionaly .. and being one of those people that
> >> despise the ignorance that leads to these types of comments .. have
> >> to say something. I just wanted to ask everyone to think about the
> >> communities they are in, and that they are made up of all sorts, and
> >> all types. Our IRC channels are made up of them as well. A lot of the
> >> time these people stay 'quiet', and learn and listen ... to
> >> developers that talk about their female counterparts in derogatory
> >> ways .. as though the channels are made up up macho men.
> >>
> >> Knowing the community doesn't feel this way as a whole, I would like
> >> to say to those few people to THINK before being so ignorant.
> >>
> >> I know personally of people that are avoiding certain IRC channels
> >> due to the fact they find them male dominated, and sexist, and I find
> >> this SHOCKING. It's not in the people or who's there .. but some
> >> regular users attitudes to a community they feel comfortable with as
> >> they are leaders or regulars in their area.
> >>
> >> I just want people to think .. if you want to talk about your
> >> relationships .. or relationships, or peoples life choices in general
> >> .. be aware the community is made up of ALL of them.
> >>
> >> thanks for your time to read this ..
> >>
> >> Dave
> >>
> >>
> >>
> >> _______________________________________________
> >> Zope maillist - Zope at zope.org
> >> http://mail.zope.org/mailman/listinfo/zope
> >> ** No cross posts or HTML encoding! **
> >> (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
> >> http://mail.zope.org/mailman/listinfo/zope-dev )
> >>
> >
> >
> >
> > --
> > Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
> >
> >
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by OSDN developer relations
> > Here's your chance to show off your extensive product knowledge
> > We want to know what you know. Tell us and you have a chance to win
> > $100
> > http://www.zoomerang.com/survey.zgi?HRPT1X3RYQNC5V4MLNSV3E54
> > _______________________________________________
> > Plone-users mailing list
> > Plone-users at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/plone-users
> >
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Fri, 24 Oct 2003 08:09:12 -0400
> From: Jens Vagelpohl <jens at zope.com>
> Subject: Re: AUTHENTICATED_USER is not reliable! [Was: [Zope] become
> user (su inside Zope) - pretend to be another user]
> To: zope at zope.org
> Message-ID: <E144F37C-061A-11D8-8743-000393D58818 at zope.com>
> Content-Type: text/plain; charset=US-ASCII; format=flowed
>
> > Why is everybody so obsessed with AUTHENTICATED_USER? This variable is
> > not suitable for anything deserving the name "security". It is NOT
> > SAFE to assume that it will contain anything useful.
>
> Amen to that.
>
> jens
>
>
>
>
> ------------------------------
>
> Message: 5
> Date: Fri, 24 Oct 2003 10:09:22 -0400
> From: "McDonnell, Larry" <lmcdonnell at protonenergy.com>
> Subject: [Zope] Permission with addFile module
> To: "'Zope at Zope. Org' (E-mail)" <zope at zope.org>
> Message-ID: <318685741A5BD31183A4006097BD8DD93809D1 at PROSERV>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi,
>
> I need for my users to upload files within Zope. I have a copy of addFile
> and it works when I am superuser. I tried setting permissions through the
> security tab for the file but the users are prompted for user name and
> password. These users do not have aacounts within Zope. I do not need this
> since this is an intranet environment. Can someone point to some
> documentation that addresses this problem. I googled around and this has
> been addressed before but the link to those sites did not exist. Thanks.
>
> Larry McDonnell
>
>
>
> ------------------------------
>
> Message: 6
> Date: Fri, 24 Oct 2003 10:18:24 -0400
> From: Paul Winkler <pw_lists at slinkp.com>
> Subject: Re: [Zope] Permission with addFile module
> To: "'Zope at Zope. Org' (E-mail)" <zope at zope.org>
> Message-ID: <20031024141824.GB1099 at slinkp.com>
> Content-Type: text/plain; charset=us-ascii
>
> On Fri, Oct 24, 2003 at 10:09:22AM -0400, McDonnell, Larry wrote:
> > Hi,
> >
> > I need for my users to upload files within Zope. I have a copy of
addFile
>
> You seem to be a bit confused about Zope. No crime in that :-)
> I don't know what you mean. You don't need to make copies of anything
> in order to let users add files. What is addFile?
>
> > and it works when I am superuser.
>
> I assume you mean Manager?
>
> > I tried setting permissions through the
> > security tab for the file but the users are prompted for user name and
> > password. These users do not have aacounts within Zope. I do not need
this
> > since this is an intranet environment.
>
> Go to the management interface of the topmost folder where you want users
> to add files. Click on the Security tab. Find the permission
> labelled "Add Documents, Images, and Files". Check the box in the
> Anonymous columns. You're done.
>
>
> > Can someone point to some
> > documentation that addresses this problem. I googled around and this has
> > been addressed before but the link to those sites did not exist. Thanks.
>
> Read this, several times if necessary:
> http://zope.org/Documentation/Books/ZopeBook/2_6Edition/Security.stx
>
> --
>
> Paul Winkler
> http://www.slinkp.com
> Look! Up in the sky! It's EXPLOSIVE RADIOISOTOPIC DEATH ON A STICK!
> (random hero from isometric.spaceninja.com)
>
>
>
> ------------------------------
>
> Message: 7
> Date: Fri, 24 Oct 2003 10:41:41 -0400
> From: "McDonnell, Larry" <lmcdonnell at protonenergy.com>
> Subject: RE: [Zope] Permission with addFile module
> To: 'Paul Winkler' <pw_lists at slinkp.com>, "'Zope at Zope. Org' (E-mail)"
> <zope at zope.org>
> Message-ID: <318685741A5BD31183A4006097BD8DD93809D3 at PROSERV>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi,
>
> Thanks, I'll try this
>
> -----Original Message-----
> From: Paul Winkler [mailto:pw_lists at slinkp.com]
> Sent: Friday, October 24, 2003 10:18 AM
> To: 'Zope at Zope. Org' (E-mail)
> Subject: Re: [Zope] Permission with addFile module
>
>
> On Fri, Oct 24, 2003 at 10:09:22AM -0400, McDonnell, Larry wrote:
> > Hi,
> >
> > I need for my users to upload files within Zope. I have a copy of
addFile
>
> You seem to be a bit confused about Zope. No crime in that :-)
> I don't know what you mean. You don't need to make copies of anything
> in order to let users add files. What is addFile?
>
> > and it works when I am superuser.
>
> I assume you mean Manager?
>
> > I tried setting permissions through the
> > security tab for the file but the users are prompted for user name and
> > password. These users do not have aacounts within Zope. I do not need
this
> > since this is an intranet environment.
>
> Go to the management interface of the topmost folder where you want users
> to add files. Click on the Security tab. Find the permission
> labelled "Add Documents, Images, and Files". Check the box in the
> Anonymous columns. You're done.
>
>
> > Can someone point to some
> > documentation that addresses this problem. I googled around and this has
> > been addressed before but the link to those sites did not exist. Thanks.
>
> Read this, several times if necessary:
> http://zope.org/Documentation/Books/ZopeBook/2_6Edition/Security.stx
>
> --
>
> Paul Winkler
> http://www.slinkp.com
> Look! Up in the sky! It's EXPLOSIVE RADIOISOTOPIC DEATH ON A STICK!
> (random hero from isometric.spaceninja.com)
>
> _______________________________________________
> Zope maillist - Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
>
>
>
> ------------------------------
>
> Message: 8
> Date: Fri, 24 Oct 2003 10:40:20 -0400
> From: Ted holden <medved at fcc.net>
> Subject: Re: [Zope] return value treated as dtml?
> To: zope at dylanreinhardt.com
> Cc: Zope Users <zope at zope.org>
> Message-ID: <200310241040.20847.medved at fcc.net>
> Content-Type: text/plain; charset="utf-8"
>
> On Friday 24 October 2003 00:51, Dylan Reinhardt wrote:
>
> >...
> > Perhaps you could provide an example of the problem you're trying to
> > solve & we can take a whack at the easiest way to solve it?
>
> > Dylan
>
> Again, thanks. I pretty much gave up on using zclasses and products at
least
> for the time being, and I've actually gotten something like 98% of the
> application working; there's just the one little detail left.
>
> This is a text indexing and retrieval methodology and the assumption is
that
> an organization has a directory containing text files or some sort of
files
> with ascii text in them, which it wishes to make available to users over
the
> web. This might consist of large numbers of html files as is the usual
case,
> or it could just as easily consist of two or three large or gigantic
files,
> possibly several gigabytes.
>
> The user enters a search term, and the application returns a list of hits
in
> the form of file-name/byte-offset pairs, e.g.:
>
> Verified hits
>
> * /home/bear/Text/SHAKE/MACBETH 71680
> * /home/bear/Text/POE/ANNABEL 0
> * /home/bear/Text/POE/ELDORADO 0
>
>
> Now, once that screen comes up (is returned by the application and
displayed),
> I'd like to have the user be able to click on one of the lines and thereby
> execute a method which would read a couple of thousand bytes around the
> indicated byte offset in the given file, and display them.
>
> The problem is that once a screen like that returns, you're outside the
> confines of zope and dtml. Inside a dtml method, something like:
>
> <a href=<dtml-call 'function('arg1', 'arg2')"> > first hit </a><br>
>
> works well enough. That's basically the kind of effect I need.
>
> I'm guessing at this point that the best shot might be to write the list
of
> hits to a file, and then return a handle to a dtml file which would pick
up
> the list of hits from the file and do the right things with them, and
include
> the user's name or id in the name of the hit file to keep users separate.
> The question at that point would be whether an external method could
return
> the handle of a dtml method created within Zope or whether something like
> dtmlfile could work outside of zclasses. That's just a guess; I'd be
glad
> to hear any suggestions.
>
>
> Ted
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ------------------------------
>
> Message: 9
> Date: Fri, 24 Oct 2003 16:30:10 +0100
> From: Philip Kilner <phil at xfr.co.uk>
> Subject: Re: [Zope] Re: [Plone-users] Re: A plea for equality => a
> play for diversity
> To: laura trippi <latrippi at sfu.ca>
> Cc: alan runyan <runyaga at runyaga.com>,
> plone-users at lists.sourceforge.net, zope at zope.org
> Message-ID: <3F994582.9050900 at xfr.co.uk>
> Content-Type: text/plain; charset=us-ascii; format=flowed
>
> Hi Laura,
>
> Eloquently put.
>
> It doesn't hurt to remember that everyone thinks differently, though -
> explicit acknowledgment of these issues may be enough to sharpen
> everybody up.
>
> Sexy people generally can't manage to be PC (in the pejorative sense)
> even if they try...
>
> :-)
>
> --
>
> Regards,
>
> PhilK
>
> (Sexy but spherical!)
>
> Email: phil at xfr.co.uk / Voicemail & Facsimile: 07092 070518
>
> "the symbols of the divine show up in our world initially at the trash
> stratum." Philip K Dick
>
>
>
>
>
> ------------------------------
>
> _______________________________________________
> Zope maillist - Zope at zope.org
>
>
>
> End of Zope Digest, Vol 3, Issue 44
> ***********************************
More information about the Zope
mailing list