[Zope] major problems placing authentication on an extranet
site-security flaw?
michael nt milne
michael.milne at gmail.com
Wed Feb 8 16:14:38 EST 2006
Thanks for the advice. I'll have another look at the security settings but
this is undoubtedly an issue. The superuser password not working is the
main one etc. But ultimately my comments on usabiltity should be taken on
board because Zope security is overly complex.
On 2/8/06, Dieter Maurer <dieter at handshake.de> wrote:
>
> michael nt milne wrote at 2006-2-8 16:48 +0000:
> >I have major problems here trying to set-up authentication over a whole
> >Plone site using Zope. Using my superuser account I've navigated to the
> site
> >root page in the ZMI where it lists all the site pages and objects etc.
> I've
> >then gone into security, scrolled down to the bottom and for the 'View'
> >option I have tried all combinations of 'Manager', 'Authenticated' and
> >'Aquire'. It simply won't work.
>
> You can use "VerboseSecurity" to analyse difficult authorization
> problems.
>
> "VerboseSecurity" is an integral part of Zope from 2.8 on.
> Previously, it has been a separate product.
>
> --
> Dieter
>
--
Michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20060208/c04562f9/attachment.htm
More information about the Zope
mailing list