[Zope-dev] Re: Zope X3 3.0 Beta 4 is available

Jim Fulton wrote: Zope X3 3.0 Beta 4 is available at: http://zope.org/Products/ZopeX3/3.0.0b4 Here's a reported problem and a work around (for now). This doesn't apply to Windows. The configure script only works with bash. :( We are working on a fix, but in the mean time, if you are running on a

[Zope-dev] Zope X3 3.0 Beta 4 is available

Zope X3 3.0 Beta 4 is available at: http://zope.org/Products/ZopeX3/3.0.0b4 Both a source release and a windows binary release are available. Zope X3 is the next generation of Zope. The "X" in Zope X3 means that it *currently* makes so special provisions for being backward compatible with or pro

Re: [Zope-dev] Re: Suggestion for small(?) change in BaseRequest.py. Security effects?

Tres Seaver wrote at 2004-9-3 08:56 -0400: > ... >I am worried that there may be third-party application code which relies >on 'validate' to raise an exception. Returning the login form directly >is not really a big win over a redirect; among other things, it messes >up cacheability, because t

Re: [Zope-dev] Suggestion for small(?) change in BaseRequest.py. Security effects?

Lennart Regebro wrote at 2004-9-3 12:05 +0200: > ... >Dieter Maurer wrote: >> If the traversal made any changes to persistent state, then >> these changes are committed rather than aborted. >> >> Usually, traversal should not change the persistent state -- but... > >Would the transaction.abort() a

[Zope-dev] Re: Suggestion for small(?) change in BaseRequest.py. Security effects?

Lennart Regebro wrote: Dieter Maurer wrote: Lennart Regebro wrote at 2004-9-2 12:38 +0200: ... Are there any other problems with NOT raising an exception in unathorized(). Becuase if there is, we probably limit the possible challenge responses to a redirect, and then this change makes no differe

Re: [Zope-dev] Suggestion for small(?) change in BaseRequest.py. Security effects?

Dieter Maurer wrote: Lennart Regebro wrote at 2004-9-2 12:38 +0200: ... Are there any other problems with NOT raising an exception in unathorized(). Becuase if there is, we probably limit the possible challenge responses to a redirect, and then this change makes no difference. If the traversal m

Re: [Zope-dev] Re: Developing plugins for PluggableAuthService

Lennart Regebro wrote: Somebody can fix that for 2.8 tomorrow, maybe? Well, zLOG is totally gone is 2.8, I guess it could do with fixing on the 2.7 branch, so please submit a collector entry :-) cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.sim