[Zope] Odd sessioning issues with ExUserFolder.

Alec Munro alecmunro at gmail.com
Fri Oct 8 10:38:02 EDT 2004


Hi List,

I'm using ExUserFolder, with zope as the authentication source, and
MySQL as the properties source.
I have a custom login form, which calls a script called process_login,
an exerpt of which follows:

from AccessControl import getSecurityManager

request = container.REQUEST

result = container.acl_users.validate(request=request)
name = getSecurityManager().getUser().getUserName()

This seems to work fine, except in rare circumstances. I'm unsure
exactly of the details of those circumstances, but what happens is
that sometimes when a user logs in, they are redirected to the
standard ExUserFolder login form, with a message similar to "session
expired, please log in". This also generates an event in the error
log, typed "LoginRequired".

My suspicion is that this happens to users who have logged in before,
and what is happening is that it checks their cookie, finds it
expired, and rather than processing the login as new, invalidates the
entire request, and redirects them to the standard login form.

Any clues?

Thanks,

Alec Munro


More information about the Zope mailing list