[ZPatterns] LoginManager auth type screwiness
John Eikenberry
jae-zpat@kavi.com
Wed, 20 Jun 2001 03:08:34 -0700
Specs:
Zope 2.2.5
LoginManager 8.8b1
ZPatterns 4.3b2
python 1.5.2
I've reproduced this on 2 zope setups. One using zclass based dataskins and
one python based.
How to reproduce:
Setup a working LoginManger with CookieLogin and BasicAuth LoginMethods
(in that order). Create a new role and a user with the role. Create a
folder containing an index_html (with default content), create an empty
sub-folder with view/access permissions limited to the role you created.
View that subfolder from a new browser... boom, a popup basic auth window.
You can login with it, or cancel it and the unauth error is:
You are not authorized to access title_or_id.
Create a dtml method in the subfolder and view it... cookie auth loginForm
is displayed.
What I'm shooting for is the cookie loginform to always be shown.
Any tips?
Thanks in advance,
--
John Eikenberry [jae@kavi.com]
______________________________________________________________
"A society that will trade a little liberty for a little order
will deserve neither and lose both."
--B. Franklin