Re: [Zope] Changing my session identity
How does one become Anonymous User without stopping/restarting the browser? Is there a special username/password for that? -- Jim Washington Chris McDonough wrote: Oops... sorry... dtml-raise Unauthorized Unauthorized. /dtml-raise Shortcuts on the brain. :-) -Original Message- From: Chris McDonough [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 19, 2000 11:43 AM To: 'Andreas Rippel'; [EMAIL PROTECTED] Subject: RE: [Zope] Changing my session identity In dtml: raise Unauthorized You are unauthorized. /raise If you enter a new valid username/password combo in, you'll be validated and your identity will be changed. If you cancel or enter an invalid username/password combo, you'll still be logged in as whomever you started with. ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Changing my session identity
Hello, At 15:30 19.07.2000 +, you wrote: does anybody know a possibility to change the identity during a browser process, without killing all clients and logging in again? In the "Tracker" product, you will find two DTML Methods that will enable you to change the identity. They are called "login" and "relogin". Simply call dtml-var login to get a login prompt. I believe if you simply do not fill this form, you will get "Unauthorized" and then back to Anonymous. ---[login] dtml-var relogin dtml-if "REQUEST.get('HTTP_REFERER', '') != ''" dtml-call "RESPONSE.redirect(REQUEST.get('HTTP_REFERER'))" dtml-else dtml-call "RESPONSE.redirect(URL1)" /dtml-if --- ---[relogin] !--#comment-- Call this from other methods to force user reauthentication before redirecting back to the calling script. (This script leaves traces before raising "Unauthorized" so that it recognizes the return after the authentication, and avoids repeating. At that point the cookie used to recognize the return is removed, enabling the process for the next invocation.) !--#/comment-- !--#var "REQUEST.AUTHENTICATED_USER" html_quote-- !--#if "(REQUEST.cookies.has_key('relogin') and (not _.hasattr(REQUEST.cookies['relogin'],'has_key') or not REQUEST.cookies['relogin'].has_key('value') or (REQUEST.cookies['relogin']['value'] != 'deleted')))"-- !--#call "REQUEST.RESPONSE.expireCookie('relogin')"-- !--#else-- dtml-call "REQUEST.RESPONSE.setCookie('relogin', 1, expires=(ZopeTime('GMT') +(1.0/(24*60))).rfc822())" !--#call "REQUEST.RESPONSE.expireCookie('__ac', path='/')"-- (Interim - the raise value only shows when the user login fails.) !--#raise Unauthorized-- Refresh this page to get the login prompt. !--#/raise-- !--#/if-- --- Best regards, GĂ©rard Jr. ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] Changing my session identity
On Thu, 20 Jul 2000, Chris McDonough wrote: No, unfortunately, you need to stop and restart the browser. Is there a UserFolder that stores users in ZODB and uses cookie-based authentication? Oleg.(All opinions are mine and not of my employer) Oleg Broytmann Foundation for Effective Policies [EMAIL PROTECTED] Programmers don't die, they just GOSUB without RETURN. ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Changing my session identity
On Thu, Jul 20, 2000 at 11:38:23AM -0400, Chris McDonough wrote: No, unfortunately, you need to stop and restart the browser. Well, netscape 4.73 at least identifies http://server:8080 and http://server.whatever.com:8080 as separate authentication domains. So, you can use one as your administration account and one as your test account, if you are in the same domainas the server. -Original Message- From: Jim Washington [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 20, 2000 10:40 AM To: Chris McDonough Cc: [EMAIL PROTECTED] Subject: Re: [Zope] Changing my session identity How does one become Anonymous User without stopping/restarting the browser? Is there a special username/password for that? ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Changing my session identity
[EMAIL PROTECTED] writes: On Thu, Jul 20, 2000 at 11:38:23AM -0400, Chris McDonough wrote: No, unfortunately, you need to stop and restart the browser. Well, netscape 4.73 at least identifies http://server:8080 and http://server.whatever.com:8080 as separate authentication domains. So, you can use one as your administration account and one as your test account, if you are in the same domainas the server. On my linux box, I add another alias to the same IP in /etc/hosts for a separate user. I also switch between localhost and my hostname for a server on my own box. This also works for cookies. Obvious once it was pointed out to me! -- Karl Anderson [EMAIL PROTECTED] ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
[Zope] Changing my session identity
Hi, does anybody know a possibility to change the identity during a browser process, without killing all clients and logging in again? Thanks Andreas ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] Changing my session identity
In dtml: raise Unauthorized You are unauthorized. /raise If you enter a new valid username/password combo in, you'll be validated and your identity will be changed. If you cancel or enter an invalid username/password combo, you'll still be logged in as whomever you started with. -Original Message- From: Andreas Rippel [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 19, 2000 11:30 AM To: [EMAIL PROTECTED] Subject: [Zope] Changing my session identity Hi, does anybody know a possibility to change the identity during a browser process, without killing all clients and logging in again? Thanks Andreas ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )