Sorry but can't you post in one message? Also, Zope does do SSL but it's not as good as Apache. And some advice - keep personal insults out of it.On 2/8/06,
Chris Withers <[EMAIL PROTECTED]> wrote:
michael nt milne wrote:> ok, I've gone into the security tab in the site root and set 'view' to> 'au
Look I'm having genuine issues here and to be honest there's no need to become personally insulting. I've just set-up Plone on an Windows server with SSL Apache and multiple virtual hosts so don't take kindly to a few of these remarks. The last piece of my jigsaw is authenication which is becoming
Dennis Allison wrote:
2006-02-06T14:07:20 INFO ZPublisher.Conflict ConflictError at
:
database conflict error (oid 0x086e, class BTrees._OOBTree.OOBTree, serial
this txn started with 0x03633ca95f75e900 2006-02-06 22:01:22.373575,
serial currently committed 0x03633caf59114244 2006-02-06 22:07:2
Palermo, Tom wrote:
Is it possible to set proxy roles on methods located in Zope Products.
Not really, why do you think you need to?
see them in a sitemap (uses dtml-tree). However, I've got an edit_html
method located in a Zope product that then needs to use stuff in one of the
folders that
michael nt milne wrote:
I have major problems here trying to set-up authentication over a whole
Plone site using Zope. Using my superuser account I've navigated to the site
root page in the ZMI where it lists all the site pages and objects etc. I've
then gone into security, scrolled down to the b
michael nt milne wrote:
ok, I've gone into the security tab in the site root and set 'view' to
'authenticated' whilst de-selecting aquire.
Yay!
However, using the password that
gets me into the overall 8080/manage doesn't work.
Huh? Can you provide any less information, or maybe make it a
michael nt milne wrote:
But if you've got Apache ssl as well then it's more secure.
Yes, SSL is a transport encryption method, not an authentication method...
The problem I've found is that you can't put this in the httpd.conf unless
it is wrapped in a directive
AuthType Basic
AuthName "Mem
michael nt milne wrote:
Also, just to say that I did a test on only letting authenticated and
managers view the root page of the site over ssl.
How?
If you just cancelled the
login box or closed it, the whole front page was displayed without any css
but you could still get all the content.
michael nt milne wrote:
Also I'm implementing an extranet solution where extra security is
required-so therefore an apache login and a further plone login for
editing the site.
I commented to someone asking similar questions about them being stupid,
lazy or both. I don't think you're lazy ;-)
michael nt milne wrote:
Sorry but there's alot of Apache knowledge here and it's completely
relevant.
No it isn't, if you want to use Apache auth, go ask on an Apache forum.
You don't, but you think you do, and you won't listen to anyone, which
is annoying in its own right...
Also Zope does
On 08.02.06 21:38:26, michael nt milne wrote:
> Of course I did. Why on earth would you be able to view a front page of a
> site when it is labelled as 'authenticated' and also as 'manager' ? just by
> pressing cancel or return a few times.
I just checked that with a plain Zope's index_html. I can
Mark Barratt schrieb:
> michael nt milne wrote:
>
...
> My other advice is to try not to touch ZMI security screens: if you're
> using Plone you should try to set up the security you need in Plone as
Ah yes, things are a bit different when plone comes in. Then Plone
documentation should be consul
michael nt milne schrieb:
> Sorry but this is not my experience and I have experimented. Am using
> gmail basic setting which I like.
Be sure mailinglist people dont like it :-)
Actually it should not bee too hard to
1) create a role, lets call it "Guests" (in / )
2) create a user: guest (in /acl
michael nt milne wrote:
I find the Zope security, permissions set-up hideously complex and
unusable to be honest and it doesn't even seem to work.
Yes. But security is hard on any capable system, with users, groups,
objects, applications all having security attributes and all those
things in
Sorry but this is not my experience and I have experimented. Am using gmail basic setting which I like. On 2/8/06, Tino Wildenhain <
[EMAIL PROTECTED]> wrote:michael nt milne schrieb:> Of course I did. Why on earth would you be able to view a front page of
> a site when it is labelled as 'authentic
michael nt milne schrieb:
> Of course I did. Why on earth would you be able to view a front page of
> a site when it is labelled as 'authenticated' and also as 'manager' ?
> just by pressing cancel or return a few times. Big security flaw I'm
> sorry. Also superuser passwords don't work when securi
I printed out the section on Zope security quite a while ago and read it. So it's not just in the last ten minutes. I haven't tried verbosesecurity just yet as I haven't had the time. Basically, the security should work without that.
On 2/8/06, Andreas Pakulat <[EMAIL PROTECTED]> wrote:
On 08.02.06
On 08.02.06 21:25:33, michael nt milne wrote:
> I've just tried this on a completely different server. I also made sure that
> 'access contents information' was set to 'manager' and 'authenticated'.
Wow, you read the zope-book on security, setup a new zope on a server
and checked this in just 10 m
Of course I did. Why on earth would you be able to view a front page of a site when it is labelled as 'authenticated' and also as 'manager' ? just by pressing cancel or return a few times. Big security flaw I'm sorry. Also superuser passwords don't work when security is set up and I've tried this o
michael nt milne schrieb:
> Thanks for the advice. I'll have another look at the security settings
> but this is undoubtedly an issue. The superuser password not working is
> the main one etc. But ultimately my comments on usabiltity should be
> taken on board because Zope security is overly com
I've just tried this on a completely different server. I also made sure that 'access contents information' was set to 'manager' and 'authenticated'.The same thing happens. The main password doesn't work and also you still get the main page contents if you keep cancelling or pressing return on the l
Thanks for the advice. I'll have another look at the security settings but this is undoubtedly an issue. The superuser password not working is the main one etc. But ultimately my comments on usabiltity should be taken on board because Zope security is overly complex.
On 2/8/06, Dieter Maurer <[E
Zope 2.9.0
Python 2.4.2
There appears to still be a problem with session variables that does not
appear to be the result of interactions with conflicts nor the result of
unexpected restarts. It does not appear to be load related.
The problem we see is a sudden disappearance of all, one, or a sm
michael nt milne wrote at 2006-2-8 16:48 +:
>I have major problems here trying to set-up authentication over a whole
>Plone site using Zope. Using my superuser account I've navigated to the site
>root page in the ZMI where it lists all the site pages and objects etc. I've
>then gone into securi
Dennis Allison wrote at 2006-2-7 18:18 -0800:
> ...
>What sort of Zope failure can cause this sort of behavior? What's the
>best approach to get more information to localize the failure.
A crash presented to Zope as a fatal signal (usually "SIGSEGV"
or "SIGBUS").
Reconfigure your Linux account
Palermo, Tom wrote at 2006-2-8 09:59 -0500:
>Is it possible to set proxy roles on methods located in Zope Products.
No, but I posted some time ago (to "zope-cmf" or "plone-users")
code that allows you to set proxy roles on a region in
trusted code. Search for "ProxyContext".
--
Dieter
On 08.02.06 16:48:08, michael nt milne wrote:
> I have major problems here trying to set-up authentication over a whole
> Plone site using Zope.
Start simple, start up a plain Zope, create a ZPT or DTML and change
it's view right. See what happens.
> I find the Zope security, permissions set-up h
On 8 Feb 2006, at 16:48, michael nt milne wrote:
I get a pop-up box but the superuser manager pass doesn't work.
If the superuser password is indeed set up correctly then this is a
fault of the user folder. There are some bad implementations out that
that do not respect the superuser/emerg
HiI have major problems here trying to set-up authentication over a whole Plone site using Zope. Using my superuser account I've navigated to the site root page in the ZMI where it lists all the site pages and objects etc. I've then gone into security, scrolled down to the bottom and for the 'View'
Zope 2.8.4
Python 2.4.2
Startup error with Formulator. What's missing or broken?
Out of the box:
2006-02-08T01:51:58 ERROR Zope Couldn't install Five
Traceback (most recent call last):
File "/usr/local/src/zope/Zope2.8/lib/python/OFS/Application.py", line
773, in install_product
initmeth
Hi All,
Is it possible to set proxy
roles on methods located in Zope Products. I need to turn the View permission
off on some folders so certain users can't see them in a sitemap (uses
dtml-tree). However, I've got an edit_html method located in a Zope product that
then needs to use stuff
On 2/7/06, Michael Vartanyan <[EMAIL PROTECTED]> wrote:
> well. I would really like to know what does this "b/w" mean in this
> context? Not black&white for sure :-)
I'd guess at 'backward compatibility'.
--
Martijn Pieters
___
Zope maillist - Zope@zo
ok, I've gone into the security tab in the site root and set 'view' to 'authenticated' whilst de-selecting aquire. However, using the password that gets me into the overall 8080/manage doesn't work. Also the front page still comes up if you cancel the login box and the page displays without css. Th
On 7 Feb 2006, at 23:58, michael nt milne wrote:
Also, just to say that I did a test on only letting authenticated
and managers view the root page of the site over ssl. If you just
cancelled the login box or closed it, the whole front page was
displayed without any css but you could still
34 matches
Mail list logo