[Zope3-Users] pau and zope.manager

Jim Washington jwashin at vt.edu
Mon Oct 3 09:54:25 EDT 2005


I want to use pau, with session (cookie) based authentication.  No basic 
authentication.

The problem is, when the pau is activated, the zope.manager defined in 
zcml seems to be no longer accessible, effectively locking me out of the 
zmi.

What I think is happening is the pau appends a prefix to the principal 
name, so that the principal, instead of being "zope.manager", becomes 
"prefixzope.manager", which has no permissions anywhere.

I think my choices are the following.

1.  make pau always look (last) in principalRegistry and return a 
non-prefixed principal if found and validated
2.  have my authentication plugin look in principalRegistry and assign 
the same roles for the principals found in principalRegistry, but with 
the pau prefix.  This would happen when the plugin is created or on demand.
3.  provide methods for my authentication plugin to generate an 
emergency user for one of its valid principals

Or did I miss something in the documentation that gets around this?

-Jim Washington


More information about the Zope3-users mailing list