[Zope] Please remove my id from your mailing list.
Please remove my id from your mailing list. --Sunil +=+ This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. +=+ ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Zope job in London
On behalf of my boss. Regards, Mark Apologies if this is not the best place to post, but hopefully this will be of interest to some of you ! We have an opening for a zope techie in our London office. Developing applications using zope, and supporting customers. We do some funky stuff with Zope and things like EC2, so its good fun. Full blurb below. Many Thanks, Angus Position : Linux Web Developer / Sys Admin Skills: Zope, Python PHP with Linux - Development Administration of Extranet Sites Servers. A good all rounder, regular home working is encouraged. Part time work also possible. Small, profitable extranet company is looking for a full time developer to enhance support existing products, and develop new products. We provide secure extranet and file sharing technology to medium large firms globally. We work mostly with Zope/Linux environments, but work with PHP, Ruby on Rails, Flash, Java Active X when needed. The role will include: Development - primarily Python/Zope, some ROR PHP. Admin - Of Linux based and Windows servers Support - Meeting and supporting clients Zope training will be provided ! Requirements: English fluency is absolutely required. Great communication skills ! Experience of web-centric scripting technologies Experience of templating Javascript / HTML Linux server administration to an advanced level To apply please email me an up to date cv, and links to work you've done. CV to [EMAIL PROTECTED] Location: London. Salary - Permanent, £25k to £35k depending on experience ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope job in London
- Original Message - From: Mark Hellewell [EMAIL PROTECTED] To: zope@zope.org Sent: Thursday, April 19, 2007 8:15 AM Subject: [Zope] Zope job in London On behalf of my boss. Regards, Mark Apologies if this is not the best place to post, but hopefully this will be of interest to some of you ! We have an opening for a zope techie in our London office. Developing applications using zope, and supporting customers. We do some funky stuff with Zope and things like EC2, so its good fun. You may want to try posting here: http://plone.specialtyjobmarkets.com/ Jonathan ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] forbiddenAttribute, annotation, __call__
I'm a little stuck here (And please forgive me, I don't really know what i'm doing)... Problem: Getting ForbiddenAttribute: ('__call__', on annotation I am trying to make a tabbed form which shows 'snapin-annotations' as tabs in the same form as the content In the form i look up the snapin-adapters like this: def getSnapInAdapters(self): for iface in component.interface.searchInterface( context=None, search_string=None, base=snapin.interfaces.ISnapInAnnotation): myAdapter = component.queryMultiAdapter( objects=(self.context,), interface=iface, default=None) if myAdapter is None: continue yield myAdapter And then try to adapt the context like this: for myAdapter in self.getSnapInAdapters(): snapin=myAdapter(self.context) Here I get the error like this: snapin=myAdapter(self.context) ForbiddenAttribute: ('__call__', bdz.testtour.annotation.ContentAnnotationA object at 0x03588510) zcml adapter factory=bdz.testtour.annotation.ContentAnnotationA trusted=True / /zcml I must be forgetting something... Will You help? med venlig hilsen / with kind regards Jørgen G. Jørgensen. --- I just like to play with computers, unix, windows, linux, come as they may __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Re: forbiddenAttribute, annotation, __call__
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jørgen Jørgensen wrote: I'm a little stuck here (And please forgive me, I don't really know what i'm doing)... Problem: Getting ForbiddenAttribute: ('__call__', on annotation I am trying to make a tabbed form which shows 'snapin-annotations' as tabs in the same form as the content In the form i look up the snapin-adapters like this: def getSnapInAdapters(self): for iface in component.interface.searchInterface( context=None, search_string=None, base=snapin.interfaces.ISnapInAnnotation): myAdapter = component.queryMultiAdapter( objects=(self.context,), interface=iface, default=None) if myAdapter is None: continue yield myAdapter And then try to adapt the context like this: for myAdapter in self.getSnapInAdapters(): snapin=myAdapter(self.context) Here I get the error like this: snapin=myAdapter(self.context) ForbiddenAttribute: ('__call__', bdz.testtour.annotation.ContentAnnotationA object at 0x03588510) zcml adapter factory=bdz.testtour.annotation.ContentAnnotationA trusted=True / /zcml I must be forgetting something... Will You help? The 'queryMultiAdapter' call has already instantiated the adapter using 'self.context', so you should just be able to use the thing. E.g.: for snapin in self.getSnapInAdapters(): snaping.doSomethingSnappy() Tres. - -- === Tres Seaver +1 540-429-0999 [EMAIL PROTECTED] Palladion Software Excellence by Designhttp://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGJ4RO+gerLs4ltQ4RAhHkAKCW5srn6gjnn7pHtKIEf/EwUXU2xACcCpXI OiEbY5xM8HqvW+pRIq+ckl4= =IQOE -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope-dev] Re: Killer App for ZClasses
On 19 Apr 2007, at 08:25 , Christopher Lozinski wrote: The problem with upgrading ZClasses is that it would break the zope security models, and the Zope Product Model. That depends on what you by upgrading ZClasses. To make them continue to work, simpler changes will probably suffice. It seems, though, that you want to create this next generation of ZClasses that has a simpler security model, form generation built-in etc. So that would be a rewrite as you've already mentioned. But I don't think it's worth all that work. Writing filessytem code can be just as agile. That's of course just one man's opinion. ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Zope Tests: 5 OK
Summary of messages to the zope-tests list. Period Wed Apr 18 12:00:00 2007 UTC to Thu Apr 19 12:00:00 2007 UTC. There were 5 messages: 5 from Zope Unit Tests. Tests passed OK --- Subject: OK : Zope-2.7 Python-2.3.6 : Linux From: Zope Unit Tests Date: Wed Apr 18 20:53:16 EDT 2007 URL: http://mail.zope.org/pipermail/zope-tests/2007-April/007603.html Subject: OK : Zope-2.8 Python-2.3.6 : Linux From: Zope Unit Tests Date: Wed Apr 18 20:54:46 EDT 2007 URL: http://mail.zope.org/pipermail/zope-tests/2007-April/007604.html Subject: OK : Zope-2.9 Python-2.4.4 : Linux From: Zope Unit Tests Date: Wed Apr 18 20:56:17 EDT 2007 URL: http://mail.zope.org/pipermail/zope-tests/2007-April/007605.html Subject: OK : Zope-2.10 Python-2.4.4 : Linux From: Zope Unit Tests Date: Wed Apr 18 20:57:48 EDT 2007 URL: http://mail.zope.org/pipermail/zope-tests/2007-April/007606.html Subject: OK : Zope-trunk Python-2.4.4 : Linux From: Zope Unit Tests Date: Wed Apr 18 20:59:19 EDT 2007 URL: http://mail.zope.org/pipermail/zope-tests/2007-April/007607.html ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] The ZClass Decision I face
Thank you very much for all the support. A lot of it was warnings about the pitfalls facing me. There was an excellent email in support of Grok. I added that to the ZClass wiki. While I did not get any software written yet, I am pleased to say that I upgraded the Zope Wiki on ZClasses. Someone should find that helpful. It is clear that I have a very hard decision in front of me. Those of us who want to use ZClasses, have a very hard choice to make. Stay with a broken ZClass implementation, fix ZClasses and break Zope 2 and fork the Zope tree, or write a new version of ZClasses in Zope 3 and leave our legacy applications behind. I have been very happy with my Choice of Zope 2 many years ago. I now better understand its limitations. The problem is that whichever path I take, I have to live with it. Regards Chris ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: Killer App for ZClasses
Christopher Lozinski wrote: I do have an accounting application I want to bring up quickly, and this seems to me the fastest way to bring it up, but also to have an upgrade path to the future. We do http://www.last-bastion.net/BastionLedger which is a full double entry general ledger with an entire order management workflow suite with skinnable order/invoice forms. Just download it and install it. Alan ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
Previously Sidnei da Silva wrote: On 4/19/07, Tres Seaver [EMAIL PROTECTED] wrote: I doubt you would take my patch, which would just rip the whole thing out. The tradeoff (that users from the root acl_users get a weird or even broekn experience when browsing in the Plone UI), would be far better than stomping the root user folder, IMNSHO: really, that's an iced tea spoon problem. The problem is not just the Plone UI. It affects anyone that uses a different challenge scheme at the root than at a more internal level. And the problem is not just 'broken experience'. You can't login *at all* with a user from the root user folder on an internal folder, depending on how you setup your site. That means you can *lock yourself out*. And not even the emergency user would work IIRC. That's *as unacceptable* to me as replacing the root user folder. The emergency user handling in PAS is very robust; I do not see how even a completely broken user folder at a higher level can break that. The main problem for Plone (and other frameworks/applications) is that if the root user folder is not a PAS you can get users objects which do not implemented the IPropertiedUser interface, which may break your expectations. I suspect that the best route forward, at least for Plone, is to just declare that acquisitioned users will work fine in the ZMI, but may not work when you are using the Plone interface. That will allow us to drop the code which replaces the root user folder. I've repeated this a thousand times now. It only replaces the root user folder if it's a standard user folder, in which case PAS provides the *exact* same functionality of the standard user folder, and all the existing users are kept. It's essentially replacing six by half-dozen, and I just can't see anything wrong with that. I haven't seen any good justification of *why* that's a lame idea so far. 'It's lame because I said it is' doesn't cut it for me. It's an unneeded change to a critical object. If you can get away with not doing that you remove a possible risk of breakage. Wichert. -- Wichert Akkerman [EMAIL PROTECTED]It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: The emergency user handling in PAS is very robust; I do not see how even a completely broken user folder at a higher level can break that. If the higher level user folder uses cookie authentication for example, and the emergency user exists on the root user folder. Since credentials are extracted in the higher level user folder and not passed on to the root user folder, the root user folder never gets a chance to authenticate the emergency user. The main problem for Plone (and other frameworks/applications) is that if the root user folder is not a PAS you can get users objects which do not implemented the IPropertiedUser interface, which may break your expectations. That's not as big of a problem as not being able to log in, right? I haven't seen any good justification of *why* that's a lame idea so far. 'It's lame because I said it is' doesn't cut it for me. It's an unneeded change to a critical object. If you can get away with not doing that you remove a possible risk of breakage. I could argue against 'unneeded'. As for possible risk of breakage, it's as risky as using PAS for a non-root user folder. Since, as you mentioned, emergency user should work fine, I don't see any risk, right? If PAS is prone to breakage it should be made robust, period. It's a matter of 'do we trust our own software or not'. The impression I get from being on this list is 'oh you can use it, but there are no guarantees', 'if it breaks don't come complain to us, is not our fault'. Maybe it would be better *not* to recommend PAS at all. -- Sidnei da Silva Enfold Systemshttp://enfoldsystems.com Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214 ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
Previously Sidnei da Silva wrote: On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: The emergency user handling in PAS is very robust; I do not see how even a completely broken user folder at a higher level can break that. If the higher level user folder uses cookie authentication for example, and the emergency user exists on the root user folder. Since credentials are extracted in the higher level user folder and not passed on to the root user folder, the root user folder never gets a chance to authenticate the emergency user. Lets rephrase this: is the problem you see that the site user folder (which will be a PAS) issues a challenge, which results in credentials which the root user folder can not handle? Wichert. -- Wichert Akkerman [EMAIL PROTECTED]It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: Previously Sidnei da Silva wrote: Lets rephrase this: is the problem you see that the site user folder (which will be a PAS) issues a challenge, which results in credentials which the root user folder can not handle? Yes. -- Sidnei da Silva Enfold Systemshttp://enfoldsystems.com Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214 ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
On Thu, 19 Apr 2007 08:16:25 -0400, Sidnei da Silva [EMAIL PROTECTED] wrote: On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: Previously Sidnei da Silva wrote: Lets rephrase this: is the problem you see that the site user folder (which will be a PAS) issues a challenge, which results in credentials which the root user folder can not handle? Yes. why wouldn't the root just fall back to its own default if it can't find credentials, like in the case of a standard zodb user folder at the root, basic auth? ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
Previously Sidnei da Silva wrote: On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: Previously Sidnei da Silva wrote: Lets rephrase this: is the problem you see that the site user folder (which will be a PAS) issues a challenge, which results in credentials which the root user folder can not handle? Yes. But you can get that even with PAS if you change the challenger in your site PAS. For example if I configure my site to only allow OpenID logins you can no longer use the emergency user since no challenger will result in usernamepassword style credentials. Wichert. -- Wichert Akkerman [EMAIL PROTECTED]It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
On 4/19/07, Kapil Thangavelu [EMAIL PROTECTED] wrote: why wouldn't the root just fall back to its own default if it can't find credentials, like in the case of a standard zodb user folder at the root, basic auth? It simply never gets a chance to do that IIRC. -- Sidnei da Silva Enfold Systemshttp://enfoldsystems.com Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214 ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
Previously Kapil Thangavelu wrote: On Thu, 19 Apr 2007 08:16:25 -0400, Sidnei da Silva [EMAIL PROTECTED] wrote: On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: Previously Sidnei da Silva wrote: Lets rephrase this: is the problem you see that the site user folder (which will be a PAS) issues a challenge, which results in credentials which the root user folder can not handle? Yes. why wouldn't the root just fall back to its own default if it can't find credentials, like in the case of a standard zodb user folder at the root, basic auth? There is an interesting trick here. Suppose we have a configuration like this: - basic root user folder +- a site +- a PAS user folder which is configured to only handle OpenID you can not login directly with the emergency user on this site since the site will never issue a challenge which will provide a username and password which the emergency user authentication can use. But if you access the application root first that will result in a challenge being send which the emergency user authentication can handle. And once the session for that has been setup you suddenly will be able to access the site with the emergency user. Of course this assumes that you can access the application root outside the site. I do not think that is a bad assumption to make for someone who can setup the emergency user. Wichert. -- Wichert Akkerman [EMAIL PROTECTED]It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: But you can get that even with PAS if you change the challenger in your site PAS. For example if I configure my site to only allow OpenID logins you can no longer use the emergency user since no challenger will result in usernamepassword style credentials. Correct. In the case of PlonePAS, we are just making the default, out-of-the-box config be not broken instead of being broken by default. -- Sidnei da Silva Enfold Systemshttp://enfoldsystems.com Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214 ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
On Thu, 19 Apr 2007 08:33:16 -0400, Sidnei da Silva [EMAIL PROTECTED] wrote: On 4/19/07, Wichert Akkerman [EMAIL PROTECTED] wrote: But you can get that even with PAS if you change the challenger in your site PAS. For example if I configure my site to only allow OpenID logins you can no longer use the emergency user since no challenger will result in usernamepassword style credentials. Correct. In the case of PlonePAS, we are just making the default, out-of-the-box config be not broken instead of being broken by default. looking at this further, there really doesn't seem to be any good way to allow the root to be a non pas, and allow the plone default authentication (form based) to work with users in the root, without replacing the root. the way pas monkey patches the response during traversal, basically asserts only the inner most user folder gets a chance to challenge. apologies to the integrators, there really isn't a workaround for this outside of reworking pas's challenge mechanism or the challenge plugins to allow delegation up the chain, the means of which isn't apparent to me. -kapil ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sidnei da Silva wrote: On 4/19/07, Tres Seaver [EMAIL PROTECTED] wrote: I doubt you would take my patch, which would just rip the whole thing out. The tradeoff (that users from the root acl_users get a weird or even broekn experience when browsing in the Plone UI), would be far better than stomping the root user folder, IMNSHO: really, that's an iced tea spoon problem. The problem is not just the Plone UI. It affects anyone that uses a different challenge scheme at the root than at a more internal level. And the problem is not just 'broken experience'. You can't login *at all* with a user from the root user folder on an internal folder, depending on how you setup your site. That means you can *lock yourself out*. And not even the emergency user would work IIRC. That's *as unacceptable* to me as replacing the root user folder. I haven't successfully locked myself out of the ZMI since before PAS went into production. If you have a reproducible test case for this, then lets fix PAS so that it can't happen. If it *can* happen, then either the non-root PAS or one of its plugins is broken (becuase a non-root PAS *has* to delegate to the root, no matter what). If that means that some kinds of challenges can't be done sanely without replacing the root user folder, then *document* that: IF you want to use the BazBam challenge model, you need to make your root 'acl_users' a PAS and *put the plugin there*. I've repeated this a thousand times now. It only replaces the root user folder if it's a standard user folder, in which case PAS provides the *exact* same functionality of the standard user folder, and all the existing users are kept. It's essentially replacing six by half-dozen, and I just can't see anything wrong with that. I haven't seen any good justification of *why* that's a lame idea so far. 'It's lame because I said it is' doesn't cut it for me. It is lame becuase: - the Plone site *doesn't own the root*, and should never touch anything outside its own site object. - It is a kludgy workaround for a bug. - it violates the Law of Least Surprise, and pisses off those who trip over it. At a *minimum*, the UI which kicks this off should inform the user that it will happen (by detecting the replaceable folder). Not quite as minimally, it should allow the user to opt out. - it introduces the possibility of *more* bugs. I'm 36.842% sure that using a 'Delegating Multi Plugin' or some similar beast could avoid this. But when I tried to use the 'Delegating Multi Plugin' it was just plain unusable, and I've locked myself out. No one would mind a patch that implemented something like that as an alternative to replacing the the root user folder. Lets work on that, instead of arguing further. I still need a recipe for provoking the lockout (and one which uses only stock plugins, if possible). Someone with minimal PAS knowledge can certainly come up with a configuration that allows users from the root user folder to login at more internal user folders. In fact, that should be the standard out-of-the-box behaviour for PAS. I'll disagree: a non-root user folder is supposed to: - return 'None' from a failed 'validate'. This is important, because if the non-root folder fakes owning the user from the root folder, that user will be unable to access protected resources from outside the non-root's container. - avoid grabbing sole control of the challenge process. This is where the user experience comes in; trying to avoid the basic auth prompt *at all costs* is evil in a non-root folder. In order to make this work, challenge plugins may have to fake basic-auth credentials into the request, so that the root folder can still authenticate. Tres. - -- === Tres Seaver +1 540-429-0999 [EMAIL PROTECTED] Palladion Software Excellence by Designhttp://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGJ28s+gerLs4ltQ4RAodCAJ9DxmCBQD56IwjBesJwUwH8F/2ZMgCePr+d sEAWZQN6wAQLZ2otJV1BpLc= =WWAl -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
[Zope-PAS] Re: PlonePAS using SQL get AttributeError
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sidnei da Silva wrote: On 4/19/07, Kapil Thangavelu [EMAIL PROTECTED] wrote: why wouldn't the root just fall back to its own default if it can't find credentials, like in the case of a standard zodb user folder at the root, basic auth? It simply never gets a chance to do that IIRC. That is a bug in whatever challenge plugin you are using, then. That does *not* happen with the standard challenge plugins (cookie / session auth), which arrange to add those credentials to the request in a form digestible as basic auth. Tres. - -- === Tres Seaver +1 540-429-0999 [EMAIL PROTECTED] Palladion Software Excellence by Designhttp://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGJ3T4+gerLs4ltQ4RAtKQAKCLMer9YKtYn2PgFFZ4IzOBjfrp2QCdF8xh zXCew2vFeEFu74nY+x4KNAQ= =4gdN -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PlonePAS using SQL get AttributeError
On 4/19/07, Tres Seaver [EMAIL PROTECTED] wrote: That is a bug in whatever challenge plugin you are using, then. That does *not* happen with the standard challenge plugins (cookie / session auth), which arrange to add those credentials to the request in a form digestible as basic auth. Wrong. That's exactly where the problem is, IIRC. They set request._auth, but at the time control is passed to the standard user folder, request._auth has already been bound to a local variable in BaseRequest.traverse(). -- Sidnei da Silva Enfold Systemshttp://enfoldsystems.com Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214 ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas