[Zope] Re: Post authentication hook and anonymous users

Cyrille Bonnet cyrille at 3months.com
Fri Mar 4 03:18:39 EST 2005


Hi Dieter,

thanks for your sanity check!

Before I was checking for role "Anonymous", which exists  in Python 
scripts, but apparently not in post_authentication_hook...

After reading your posting, I've tried to test if username=="Anonymous 
user" and it works!

Thanks for your help. I've finished that how-to on plone.org and will 
post its URL once it is approved.

Cheers

Cyrille

Dieter Maurer wrote:
> Cyrille Bonnet wrote at 2005-3-3 11:29 +1300:
> 
>>...
>>Anyway, I am thinking of adding an unvalidated_hook call in 
>>ZPublisher/BaseRequest.py, something like:
>>
>>        if user is not None:
>>            if validated_hook is not None: validated_hook(self, user)
>>            request['AUTHENTICATED_USER']=user
>>            request['AUTHENTICATION_PATH']='/'.join(steps[:-i])
>>        else:
>>            unvalidated_hook(request)
> 
> 
> You should always have a "user" (i.e. "user" should not be "None").
> If the user is not authenticated, you should get the
> "Anonymous user".
> 
> The "user is None" case should only occur when the root
> does not contain an "acl_users" (but then your Zope site
> is insane).
> 



More information about the Zope mailing list