[Zope-Checkins] SVN: Zope/trunk/configure added Python 2.4.3 support

2006-03-30 Thread Andreas Jung
Log message for revision 66264: added Python 2.4.3 support Changed: U Zope/trunk/configure -=- Modified: Zope/trunk/configure === --- Zope/trunk/configure2006-03-30 08:42:17 UTC (rev 66263) +++ Zope/trunk/configure

[Zope-Checkins] SVN: Zope/branches/2.9/configure added support for Python 2.4.3

2006-03-30 Thread Andreas Jung
Log message for revision 66265: added support for Python 2.4.3 Changed: U Zope/branches/2.9/configure -=- Modified: Zope/branches/2.9/configure === --- Zope/branches/2.9/configure 2006-03-31 05:21:47 UTC (rev 66264) +++

[Zope-dev] Re: TCP CLOSE_WAIT leaks

2006-03-30 Thread Florent Guillaume
Alan Milligan wrote: I managed to get a DeadlockDebugger trace on this thing, it made very interesting reading: Ah you did, good. I was surprised by your earlier statement saying that the fact that all threads were used was preventing it from working, this shouldn't be the case. Florent

[Zope-dev] Dependent List

2006-03-30 Thread Raúl Jiménez
Hello, I have a problem with my archetype, I'm using dependent lists. I've downloaded the MasterSelectWidget product, but I have a problem with it. In my archetype I have a master field and a slave one, I install the archetype, I add an object of this type to my portal, but when I load the

[Zope-dev] Re: Dependent List

2006-03-30 Thread Philipp von Weitershausen
Raúl Jiménez wrote: Hello, I have a problem with my archetype, I'm using dependent lists. I've downloaded the MasterSelectWidget product, but I have a problem with it. In my archetype I have a master field and a slave one, I install the archetype, I add an object of this type to my

Re: [Zope] Re: Question about Zope and security

2006-03-30 Thread Chris Withers
Cyrille Bonnet wrote: I am using Plone 2.1.2, which uses CookieCrumbler. I wanted to put the problem in a Zope perspective, though: this is why I didn't mention that. Then I'd suggest going and bugging the Plohn people about this. CookeCrumbler _is_ insecure, and I've pointed this out and

Re: [Zope] Re: Question about Zope and security

2006-03-30 Thread Chris Withers
Tino Wildenhain wrote: Cyrille Bonnet wrote: Hi Terry, ... Sorry, I wasn't even aware that Zope stores the passwords in plain text. My primary concern (for the moment) is passwords in plain text in the request. No it does not. The default userfolder stores passwords hashed. What

Re: [Zope] Re: Question about Zope and security

2006-03-30 Thread Tino Wildenhain
Chris Withers schrieb: ... what way? http basic auth is a standard. cookie auth isn't, and it's always insecure no matter how you implement it they are both equally insecure - while you can make the cookie (as session auth) a little more secure - but after all its worth nothing as long as you

Re: [Zope] Re: Question about Zope and security

2006-03-30 Thread Tino Wildenhain
Chris Withers schrieb: Tino Wildenhain wrote: Cyrille Bonnet wrote: Hi Terry, ... Sorry, I wasn't even aware that Zope stores the passwords in plain text. My primary concern (for the moment) is passwords in plain text in the request. No it does not. The default userfolder stores

[Zope] ZopeTime in Zope 2.9.1

2006-03-30 Thread JoseLuis de la Rosa Triviño
Hello, I've been using the product WhoOnline on zope 2.8.4 with CPS 3.3.8, now I have migrated to zope 2.9.1, cmf 1.6 and CPS 3.4 and when I try to install WhoOnline (with an external method and with CMFGenericSetup) I get an error because ZopeTime is not available. Does anybody knows how to

Re: [Zope] ZopeTime in Zope 2.9.1

2006-03-30 Thread Andreas Jung
--On 30. März 2006 12:19:24 +0200 JoseLuis de la Rosa Triviño [EMAIL PROTECTED] wrote: Hello, I've been using the product WhoOnline on zope 2.8.4 with CPS 3.3.8, now I have migrated to zope 2.9.1, cmf 1.6 and CPS 3.4 and when I try to install WhoOnline (with an external method and with

Re: [Zope] ZopeTime in Zope 2.9.1

2006-03-30 Thread Lennart Regebro
On 3/30/06, JoseLuis de la Rosa Triviño [EMAIL PROTECTED] I've been using the product WhoOnline on zope 2.8.4 with CPS 3.3.8, now I have migrated to zope 2.9.1, cmf 1.6 and CPS 3.4 and when I try to install WhoOnline (with an external method and with CMFGenericSetup) I get an error because

Re: [Zope] Question about Zope and security

2006-03-30 Thread bruno desthuilliers
Cyrille Bonnet wrote: Hi there, I have been telling all my clients about how great Zope is for security: fine-grained permissions, security framework, roles, etc. Now, one of my clients has a security expert who took a close look at how Zope authenticates users. The results were not good.

Re: [Zope] Question about Zope and security

2006-03-30 Thread Andrew Milton
+---[ bruno desthuilliers ]-- | Cyrille Bonnet wrote: | Hi there, | | I have been telling all my clients about how great Zope is for security: | fine-grained permissions, security framework, roles, etc. | | Now, one of my clients has a security expert who took a

RE: [Zope] ZopeTime in Zope 2.9.1

2006-03-30 Thread JoseLuis de la Rosa Triviño
Excuse me, I wasn't explicit enough an even It was a problem of a code I had added. However, I have created the profile needed to install WhoOnline in CPS using CMFGenericSetup, how could I share this code? Thank you very much JoseLuis de la Rosa Triviño Becario Área de Sistemas de

Re: [Zope] ZopeTime in Zope 2.9.1

2006-03-30 Thread Lennart Regebro
On 3/30/06, JoseLuis de la Rosa Triviño [EMAIL PROTECTED] wrote: However, I have created the profile needed to install WhoOnline in CPS using CMFGenericSetup, how could I share this code? That would be mostly of interest to the author of WhoOnline, I guess. -- Lennart Regebro, Nuxeo

[Zope] Dependent List

2006-03-30 Thread [EMAIL PROTECTED]
Hello, I have a problem with my archetype, I'm using dependent lists. I've downloaded the MasterSelectWidget product, but I have a problem with it. In my archetype I have a master field and a slave one, I install the archetype, I add an object of this type to my portal, but when I load the saved

[Zope] Strange behavior with TAL and python: expressions

2006-03-30 Thread Floyd May
Great and mighty Zope gurus, I have a template which calls a macro. Within the template, I tal:define a variable, 'form'. Within the macro, the 'form' variable (which is an FSForm object) is defined as None unless I access it using python expressions. If I attempt to do anything with

Re: [Zope] Permission denied running Zope 2.8.5 configure

2006-03-30 Thread Glenn Gillis
Jens Vagelpohl wrote: When attempting to configure Zope 2.8.5, however, I receive the following error from configure: [EMAIL PROTECTED]:www.climatelaw.org]$ /usr/local/zope/software-home/zope/configure

Re: [Zope] Dependent List

2006-03-30 Thread Andreas Jung
--On 30. März 2006 17:54:57 +0200 [EMAIL PROTECTED] wrote: Hello, I have a problem with my archetype, I'm using dependent lists. Wrong list. There are dedicated mailing lists for Archetypes and Plone. -aj pgp1lO66B74f6.pgp Description: PGP signature

[Zope] zope and nagios

2006-03-30 Thread robert rottermann
Hi there, I would like to test if zope is running using nagios. I would be gratefull if somebody could could point me to some info how to best do this. I am especially interested to learn what to test to detect a running but not responding zope. Just looking up a page seems not to do the

[Zope] single sign-on

2006-03-30 Thread Fernando Martins
Hi, I'm doing single sign-on using Apache+mod_ntlm+FastCGI. Since the last is deprecated, is there any alternative? TIA, Fernando Martins ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML

Re: [Zope] single sign-on

2006-03-30 Thread Andreas Jung
--On 30. März 2006 21:16:09 +0200 Fernando Martins [EMAIL PROTECTED] wrote: Hi, I'm doing single sign-on using Apache+mod_ntlm+FastCGI. Since the last is deprecated, is there any alternative? As documented: Zope as standalone server + an optional reverse proxy (Squid/Apache). But no

RE: [Zope] zope and nagios

2006-03-30 Thread Doyon, Jean-Francois
Actually to detect whether it is *running* fetching a page will do the trick. That's what we do here and it works fine. That will NOT detect however if Zope is running, but errors are occuring. I sthat what you really want? Why would looking up a page not do the trick? J.F. -Original

Re: [Zope] zope and nagios

2006-03-30 Thread Ron Bickers
On Thu March 30 2006 13:21, robert rottermann wrote: I would like to test if zope is running using nagios. I would be gratefull if somebody could could point me to some info how to best do this. I am especially interested to learn what to test to detect a running but not responding zope.

RE: [Zope] single sign-on

2006-03-30 Thread Fernando Martins
Hi, I'm doing single sign-on using Apache+mod_ntlm+FastCGI. Since the last is deprecated, is there any alternative? As documented: Zope as standalone server + an optional reverse proxy (Squid/Apache). But no idea how this would solve a SSO issue. -aj Yes, I understand the

[Zope] Re: Question about Zope and security

2006-03-30 Thread Cyrille Bonnet
Thanks to all for your feedback: I understand better what is going on now. SSL is definitely the way to go, that would solve all my problems. Now, just to push the problem a bit further: ideally, I'd like to put SSL just on the login form. Zope would authenticate the user in that request and

Re: [Zope] Re: Question about Zope and security

2006-03-30 Thread Bill Campbell
On Fri, Mar 31, 2006, Cyrille Bonnet wrote: Thanks to all for your feedback: I understand better what is going on now. SSL is definitely the way to go, that would solve all my problems. Now, just to push the problem a bit further: ideally, I'd like to put SSL just on the login form. Zope would

Re: [Zope] Re: Question about Zope and security

2006-03-30 Thread Lennart Regebro
On 3/30/06, Cyrille Bonnet [EMAIL PROTECTED] wrote: Now, just to push the problem a bit further: ideally, I'd like to put SSL just on the login form. Zope would authenticate the user in that request and return a session ID that would then be passed back and forth in each request (without SSL).

Re: [Zope] single sign-on

2006-03-30 Thread Lennart Regebro
On 3/30/06, Fernando Martins [EMAIL PROTECTED] wrote: Yes, I understand the alternative to FastCGI, but mod_proxy doesn't pass the required environmental variable REMOTE_USER to zope. I was asking about single sign-on alternatives for Zope. Yale made a system called CAS, that workes fine for

Re: [Zope] zope and nagios

2006-03-30 Thread robert rottermann
Doyon, Jean-Francois wrote: Actually to detect whether it is *running* fetching a page will do the trick. That's what we do here and it works fine. That will NOT detect however if Zope is running, but errors are occuring. I sthat what you really want? Why would looking up a page not do the

[Zope] Can't establish connection to localhost

2006-03-30 Thread Carl Symons
Been working with Zope error-free on localhost for months. I just tried to install a plone skin, which I've done successfully previously. Directions are to restart zope Attempting to do so returns message: Unable to connect firefox can't establish a connection to the server at localhost:8081

Re: [Zope] Can't establish connection to localhost

2006-03-30 Thread Andreas Jung
--On 30. März 2006 21:22:15 -0800 Carl Symons [EMAIL PROTECTED] wrote: Been working with Zope error-free on localhost for months. I just tried to install a plone skin, which I've done successfully previously. Directions are to restart zope Attempting to do so returns message: Unable to

RE: [Zope] single sign-on

2006-03-30 Thread Fernando Martins
Lennart Regebro wrote: On 3/30/06, Fernando Martins [EMAIL PROTECTED] wrote: Yes, I understand the alternative to FastCGI, but mod_proxy doesn't pass the required environmental variable REMOTE_USER to zope. I was asking about single sign-on alternatives for Zope. Yale made a system called

Re: [Zope] single sign-on

2006-03-30 Thread Lennart Regebro
On 3/31/06, Fernando Martins [EMAIL PROTECTED] wrote: Interesting to know about, but it seems to be restricted to web sso, whereas I had in mind sso including the workstation login. Ah. I dont know how (or if) you do that with CAS. It seems to be a full authentication mechanism on its own