On Monday 27 March 2006 09:13, Olivier Grisel wrote:
> > My setup is:
> > ldap will be used only to authenticate users in read-only mode; I
> > must use this server in read-only mode, so binds will be anonymous, just
> > to get user password field and authenticate the user.
> > groups and roles will be stored on ZODB.
> > I was able to do this with LDAPUserFolder and have some notes I wrote
> > down about my config, but I could find a correspondence between all them
> > and the fields in members_ldap.xml (directories)
> > Could someone provide me some hints on this?
>
> To setup read/write permissions on the directories you can adjust the ACL_*
> properties of the directories configuration (either directly in the ZMI in
> portal_directories or in the directories/my_directory.xml in the profile).
I haven't this file: my_directory.xml
did you mean directories/members_ldap.xml ?
>
> If you want per-field permission settings you must adjust similar ACL
> properties in the corresponding schema (in portal_schemas in the ZMI or
> schemas/members.xml for instance in the profile).
sorry, but I can't understand what you mean here; my ldap/xml knowledge isn't
good enough.
>
> Don't forget to reimport the profile if you make changes to the xml files
> to apply your changes to the objects living in the ZODB.
>
> To bind as "anonymous", use an empty bind_dn/password in the directory
> configuration.
I did this, then when I try to import CPSLDAPSetup on a fresh new cps site, it
prompted me to supply Zope Site Manager user/password. If I deny, it gives
me the error bellow for all kind of further access; and as a result, I can't
access the site anymore!
Error Type:
Unauthorized
Error Value:
You are not authorized to access this resource.
Traceback:
Traceback (innermost last):
Module ZPublisher.Publish, line 104, in publish
Module ZPublisher.BaseRequest, line 464, in traverse
Module ZPublisher.HTTPResponse, line 697, in unauthorized
Unauthorized: <strong>You are not authorized to access this resource.</strong>
form
manage_tabs_message
"Profile 'CPS LDAP Setup' imported."
cookies
tree-s
'eJzTyCkw5NLIKTDiClZ3hIKMiGxbda4CY67ERD0Ah9sIOA'
__ac_name
'mariomenezes'
lazy items
SESSION
<bound method SessionDataManager.getSessionData of <SessionDataManager
at /session_data_manager>>
other
VIRTUAL_URL_PARTS
('http://tucano.ipen.br', 'colab/portal_setup/manage_tool')
VIRTUAL_URL
'http://tucano.ipen.br/colab/portal_setup/manage_tool'
_ec_cache
{1156079084: <Products.PageTemplates.TALES.Context instance at 0x452ff20c>}
_translation_service_cache
<PlacefulTranslationService at /colab/translation_service used
for /colab/portal_layouts/search_portlet/w__search>
AcceptCharset
<Products.Localizer.Accept.AcceptCharset instance at 0x44f4552c>
_oai_cache
{1156079084: <Products.CMFCore.ActionInformation.oai instance at 0x429438ec>}
AUTHENTICATED_USER
<SpecialUser 'Anonymous User'>
USER_PREF_LANGUAGES
<Products.Localizer.Accept.AcceptLanguage instance at 0x4559d0cc>
SERVER_URL
'http://tucano.ipen.br'
traverse_subpath
[]
cpsskins_base_url
'/colab/'
cpsskins_url
'http://tucano.ipen.br/colab/portal_setup/manage_tool?manage_tabs_message=Profile+%27CPS+LDAP+Setup%27+imported.'
cpsskins_effective_theme_page
('default', 'Default')
ACTUAL_URL
'http://tucano.ipen.br/colab/portal_setup/manage_tool'
URL
'http://tucano.ipen.br/colab/portal_setup/manage_tool'
cpsskins_cmfactions
{'object': [], 'workflow': [], 'global': [], 'global_header': [{'category':
'global_header', 'available': True, 'title': 'action_accessibility', 'url':
<bound method ActionInfo._getURL of {...}>, 'name': 'action_accessibility',
'visible': True, 'allowed': True, 'id': 'accessibility', 'permissions':
('View',)}, {'category': 'global_header', 'available': True, 'title':
'action_print', 'url': <bound method ActionInfo._getURL of {...}>, 'name':
'action_print', 'visible': True, 'allowed': True, 'id': 'print',
'permissions': ('View',)}, {'category': 'global_header', 'available': True,
'title': 'action_advanced_search', 'url': <bound method ActionInfo._getURL of
{...}>, 'name': 'action_advanced_search', 'visible': True, 'allowed': True,
'id': 'advanced_search', 'permissions': ('View',)}, {'category':
'global_header', 'available': True, 'title': 'action_contact', 'url': <bound
method ActionInfo._getURL of {...}>, 'name': 'action_contact', 'visible':
True, 'allowed': True, 'id': 'contact', 'permissions': ('View',)}], 'user':
[{'category': 'user', 'available': True, 'title': 'Login', 'url':
'http://tucano.ipen.br/colab/login_form?came_from=http%3A%2F%2Ftucano.ipen.br%2Fcolab%2Fportal_setup%2Fmanage_tool',
'name': 'Login', 'visible': True, 'allowed': True, 'id': 'login',
'permissions': ('View',)}], 'folder': []}
cpsskins_language
'en'
cpsskins_mcat
None
PUBLISHED
<PageTemplateFile at /colab/portal_setup/manage_tool>
_localizer_placeful_mc_cache
{'Localizer/default': <MessageCatalog at /colab/Localizer/default>}
TraversalRequestNameStack
[]
_ts_domain_cache
{'default': <LocalizerDomain at /colab/translation_service/>}
VirtualRootPhysicalPath
('',)
AcceptLanguage
<Products.Localizer.Accept.AcceptLanguage instance at 0x4559d0cc>
URL0
http://tucano.ipen.br/colab/portal_setup/manage_tool
URL1
http://tucano.ipen.br/colab/portal_setup
URL2
http://tucano.ipen.br/colab
URL3
http://tucano.ipen.br
BASE0
http://tucano.ipen.br
BASE1
http://tucano.ipen.br
BASE2
http://tucano.ipen.br/colab
BASE3
http://tucano.ipen.br/colab/portal_setup
BASE4
http://tucano.ipen.br/colab/portal_setup/manage_tool
---------------------------------- end of copied error text ---------------
what is this error? how to fix it?
--
Mario O.de Menezes, Ph.D. "Many are the plans in a man's heart, but
LinuxUser: #24626 is the Lord's purpose that prevails" Pv 19.21
http://www.ipen.br/~mario
_______________________________________________
cps-users mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/cps-users
