On Wed, Feb 01, 2006 at 05:09:58PM -0800, Dennis Allison wrote: > Just moved all our systems to ZSyncer 0.7.0 and have encountered a > problem related to authentication. > > In our past setup, using ZSyncer 0.5.1, we use the ability to specify > a user:password to provide a single authorization mechanism that could be > used by all of our developers. > > Now we've stumbled onto the fact that ZSyncer 0.7.0 has eliminated the > optin al user:password specification. Some of our users can use ZSyncer > and others cannot. It's not clear what authorization is being used -- I > suspect it is ownership, but I have not investigated.
By default, it's the currently logged in user. This requires that the same user/password exist on the destination Zope as well. If you don't want to do that, you can specify it in the destination URLs. This is described in a couple places in README.txt. Advantage of this compared to the old way: You can use different user/passwd on each of several destination servers. (This was a use case for the guy that made the change). Disadvantage: The password is in cleartext in the ZSyncer configuration page in the ZMI. If that's a problem, be careful who is allowed access to that page :-) I'm not crazy about the latter, but it gives the needed flexibility and I haven't had time to create a UI that doesn't show it in cleartext. If somebody comes up with patches I'll happily apply them. -- Paul Winkler http://www.slinkp.com _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )