[ZPatterns] LoginManager roles problem

Wed, 10 Oct 2001 07:54:04 -0400

Joachim,
This can be fixed by eliminating the BetterLocalRolesMixin and
BetterSimpleUser from LoginManager.py and UserSources.py.  I can send
you my *hacked* copy if you want.

Cheers,
Tim

Joachim Schmitz wrote:
> 
> Hi,
> 
> my site structure is like this:
> 
> root:
>  acl_users (standard)
>  mysitefolder: viewable by Anonymous
>    index_html
>     acl_users (login-manager with a custumized login form)
>     otherfolder: viewable only by Authenticated
>       test dtml document
> 
> When I now call the /mysite/otherfolder/test
> 
> not my customized loginform pops up, but the standard httpauthorization from
> the root acl_users folder.
> When I cancel the authentication box, I get that Anonymous User has no
> access to the "test" document, which is contained in otherfolder
> 
> When I copy the index_html into the otherfolder, it works correctly.
> 
> Apparently LoginManager checks for the permissions in the parent, which is
> index_html. Is this a bug or a feature ?
> 
> Mit freundlichen Grüßen
> 
> Joachim Schmitz

-- 
Tim McLaughlin
iterationZERO - www.iterationzero.com
703.481.2233