[Zope] Post authentication hook and anonymous users
Dieter Maurer
dieter at handshake.de
Thu Mar 3 13:52:26 EST 2005
Cyrille Bonnet wrote at 2005-3-3 11:29 +1300:
> ...
>Anyway, I am thinking of adding an unvalidated_hook call in
>ZPublisher/BaseRequest.py, something like:
>
> if user is not None:
> if validated_hook is not None: validated_hook(self, user)
> request['AUTHENTICATED_USER']=user
> request['AUTHENTICATION_PATH']='/'.join(steps[:-i])
> else:
> unvalidated_hook(request)
You should always have a "user" (i.e. "user" should not be "None").
If the user is not authenticated, you should get the
"Anonymous user".
The "user is None" case should only occur when the root
does not contain an "acl_users" (but then your Zope site
is insane).
--
Dieter
More information about the Zope
mailing list