[Zope] Odd sessioning issues with ExUserFolder.
Alec Munro
alecmunro at gmail.com
Fri Oct 8 10:38:02 EDT 2004
Hi List,
I'm using ExUserFolder, with zope as the authentication source, and
MySQL as the properties source.
I have a custom login form, which calls a script called process_login,
an exerpt of which follows:
from AccessControl import getSecurityManager
request = container.REQUEST
result = container.acl_users.validate(request=request)
name = getSecurityManager().getUser().getUserName()
This seems to work fine, except in rare circumstances. I'm unsure
exactly of the details of those circumstances, but what happens is
that sometimes when a user logs in, they are redirected to the
standard ExUserFolder login form, with a message similar to "session
expired, please log in". This also generates an event in the error
log, typed "LoginRequired".
My suspicion is that this happens to users who have logged in before,
and what is happening is that it checks their cookie, finds it
expired, and rather than processing the login as new, invalidates the
entire request, and redirects them to the standard login form.
Any clues?
Thanks,
Alec Munro
More information about the Zope
mailing list