[Zope] CookieCrumbler problem
Gordon Lai
lai at library.ucsf.edu
Wed Oct 13 21:24:55 EDT 2004
Hi,
I'm having a problem with CookieCrumbler 1.24. I'm trying to use it with
Zope 2.7.2, Python 2.3.4, and LDAPUserFolder 2.4beta3. I want CC to show
my login.html when a user accesses a protected folder, but this doesn't
happen; the basic auth dialog still pops up. I enter a username and
password that authenticates correctly with my LDAP server and then my
login.html shows up. On this page I have to enter a correct username,
but then any gibberish in the password field will allow me to login;
this basically means that the dialog box was doing the real login and
this login.html wasn't doing much. I can then logout by clicking a link
that calls a Python Script that calls logout() in CC (is this the
correct way to logout? CC doesn't have any docs, so I perused its code
and found logout()). But now when I try to access the folder again I get
instantly logged out because I have code at the top of my index.html ZPT
that detects if a session object exists, and if it doesn't it will
logout the user. Since I've logged out, a session object does not exist.
Basically, the login process is being completely bypassed and I'm
hitting index.html directly.
The correct login process that I have set up is as follows:
1) CC shows my login.html.
2) The user logs in, which calls index.py.
3) index.py creates a new session and then calls index.html
This was working for some time before "something happened" and I am now
seeing the above wrong behavior. What am I doing wrong?
Thanks,
Gordon
More information about the Zope
mailing list