[Zope] Incorrect login message - more information

Marnie King marnie.king at abs.gov.au
Mon May 10 20:45:33 EDT 2004

Our scenario is this.....

We are using Zope with Apache and have created a folder under the Root Folder.
In this folder I removed the original acl_users and added an exUserFolder and
enabled secure cookie-based authentication.

When I attempt to access this folder through a browser window, it comes up with
the session based login box which is all ok. The problem I'm having is this....

If I put in a correct username but incorrect password, it comes up with a the
login box again with the heading "Failed Login".... which is fine.

But when I put in an incorrect username, it then comes up with a second login
screen (Windows)and is asking for authentication again.

Is there a way around this so that it also brings the original login box up
again with the heading "Failed Login" ??

More information...

We have this:

<VirtualHost _default_:80>
        ServerName diff
        RewriteEngine On

        <Location ~ "/manage">
                Redirect permanent /manage https://diff/manage
                SetHandler server-status
                Order Deny,Allow
                Allow from all
                #Deny from all
        RewriteRule ^/(.*)
ot/$1 [L,P]

Steps we have taken to try to rectify problem...

Taken from Unenlightened Zopistas Guide to exUserFolder.  We have attempted both
steps 1.3 and 1.4 with no success.

    1.     1.2 What happened                                                    
 You tried to access an area you don't have access to. Zope found the closest   
 user folder to the object you were trying to access. The user folder decided   
 you were not authorised and tried to display the login form. You don't have    
 access to view the login form, so Zope finds the nearest user folder to the    
 login form, which is the user folder above the protected directory. It pops up 
 the authentication dialog. If you put in a valid username and password for     
 this top level, then lower level then displays the login form.                 
    1.     1.3 Solution 1 (preferred).                                          
 Place the user folder one level above the folder you want to protect, that is  
 in the unprotected area. Everything should work fine.                          
    1.     1.4. Solution 2 (not so preferred).                                  
 Set the View permission on the docLogin form inside the acl_users folder. You  
 can get there by Choosing Contents on docLogin and scrolling down to the       

Any help in this matter is appreciated

ABS Web Site:  www.abs.gov.au

More information about the Zope mailing list