Re: [Zope-dev] Specify a domain and leave the password for a user blank
It's not a bug, in fact it's a cool way to allow different types of anonymous users. That's not to say that it's a fool-proof way of doing it, but it generally works, as long as you don't rely on it for any sort of security ;) . The thing is that in later zope versions the functionality has been turned off by default, and (at least for 2.6.2) you have to turn it on manually, like so: http://your.server/acl_users/setDomainAuthenticationMode?domain_auth_mode=1 The docstring for this method (from a zope 2.7.0 install) is as follows: """Set the domain-based authentication mode. By default, this mode is off due to the high overhead of the operation that is incurred for all anonymous accesses. If you have the 'Manage Users' permission, you can call this method via the web, passing a boolean value for domain_auth_mode to turn this behavior on or off.""" btw, the method is in /lib/python/AccessControl/User.py hth Phil Andreas Jung wrote: I think you are describing a flaw that had been removed in older versions. Does not sound like a feature but like a bug... -aj --On Dienstag, 9. März 2004 13:31 Uhr +0100 Juan Javier Carrera Obrero <[EMAIL PROTECTED]> wrote: Hi, In Zope 2.4 or older versions when a user is created, if you specify a domain and leave the password for a user blank, then anyone from the permitted domains automatically gets the user's roles without having to log in. However, it is not possible in Zope 2.7. I have created a user specifying a domain and leave the password for this user blank, and although I am in the domain, I have to log in. Anybody help me about it ? How can I create a user, specifying a domain, and if the user is in the domain does not have to log in? Thanks.- ___ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Specify a domain and leave the password for a user blank
I think you are describing a flaw that had been removed in older versions. Does not sound like a feature but like a bug... -aj --On Dienstag, 9. März 2004 13:31 Uhr +0100 Juan Javier Carrera Obrero <[EMAIL PROTECTED]> wrote: Hi, In Zope 2.4 or older versions when a user is created, if you specify a domain and leave the password for a user blank, then anyone from the permitted domains automatically gets the user's roles without having to log in. However, it is not possible in Zope 2.7. I have created a user specifying a domain and leave the password for this user blank, and although I am in the domain, I have to log in. Anybody help me about it ? How can I create a user, specifying a domain, and if the user is in the domain does not have to log in? Thanks.- - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, March 09, 2004 12:36 PM Subject: Zope-Dev Digest, Vol 8, Issue 15 Send Zope-Dev mailing list submissions to [EMAIL PROTECTED] To subscribe or unsubscribe via the World Wide Web, visit http://mail.zope.org/mailman/listinfo/zope-dev or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of Zope-Dev digest..." Today's Topics: 1. Re: Re: Unexpected Behaviour iterating over catalog search... (Dieter Maurer) 2. Zopeservice and sitecustomize (Sake) 3. Re: Zopeservice and sitecustomize (Chris McDonough) 4. RE: Zopeservice and sitecustomize (Tim Peters) 5. RE: Zopeservice and sitecustomize (Tim Peters) 6. Re: Re: Unexpected Behaviour iterating over catalog search... (Chris Withers) 7. Re: [ZODB-Dev] Re: BTrees strangeness (was [Zope-dev] Zope 2.X BIG Session problems - blocker - our site dies - need help of experience Zope developer, please) (Alex V. Koval) -- Message: 1 Date: Mon, 8 Mar 2004 20:05:04 +0100 From: Dieter Maurer <[EMAIL PROTECTED]> Subject: Re: [Zope-dev] Re: Unexpected Behaviour iterating over catalog search... To: Jean Jordaan <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii Jean Jordaan wrote at 2004-3-8 16:33 +0200: >>> Surely the thing returned by a Catalog search should be immutable? >> >> Nope, it is "lazy"; immutability would require "realizing" it first, >> which would be prohibitively expensive in many cases. > > Yes .. thing is, wrapping with list() or tuple() will therefore > also be prohibitive in those cases, When you want to uncatalog everything, "tuple"ing the result should not be a problem. Otherwise, a standard approach is to remember the objects you want to delete in a standard list and iterate over this list in a separate loop (outside the first one). -- Dieter -- Message: 2 Date: Tue, 09 Mar 2004 08:54:54 +0700 From: Sake <[EMAIL PROTECTED]> Subject: [Zope-dev] Zopeservice and sitecustomize To: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Hi, I have Zope and Activestate Python installed together in the same win-xp machine. Everything works fine until I've learned that I can put "sys.setdefaultencoding('cp874')" into sitecustomize.py to accomodate my native language coding. Since I do that, my Zope 2.7.0 service can no longer start. I can start it manually from "runzope.bat", but it never start through the windows system service. A full day investigation reveal that the trouble cause by the missing of the '\lib\python' in the system environment's "PYTHONPATH". The "runzope.bat" set that up before then execution of "Zope.Startup.run.py", hence it run fine. But "zopeservice.py" rely on the "\bin\Lib\site-packages\sitecustomize.py" to set up the correct "PYTHONPATH". Here is the code inside Zope's sitecustomize.py """ Add Zope packages in Windows binary distro to sys.path automagically """ import sys import os try: sp = __file__ except: sp = None if sp: dn = os.path.dirname swhome = os.path.join(dn(dn(dn(dn(sp, 'lib', 'python') if os.path.exists(swhome): sys.path.insert(0, swhome) Unluckily, this sitecustomize.py is now masked with my sitecustomize.py inside Activestate's site-package directory, which actually get loaded by Zope via the Python registry load path (HKEY_LOCAL_MACHINE\SOFTWARE\Python\PythonCore\2.3\PythonPath) instead of the expected one. I don't think setting up PYTHONPATH inside sitecustomize.py is a good idea. Better keep this mechanism for site specific problems. I'd rather insert a line into zopeservice.py like this. import os.path from os.path import dirname as dn import sys # these are replacements from mkzopeinstance PYTHONW = r'C:\Zope-2.7.0\bin\pythonw.exe' SOFTWARE_HOME=r'C:\Zope-2.7.0\lib\python' INSTANCE_HOME = r'C:\Zope-MIB
[Zope-dev] Specify a domain and leave the password for a user blank
Hi, In Zope 2.4 or older versions when a user is created, if you specify a domain and leave the password for a user blank, then anyone from the permitted domains automatically gets the user's roles without having to log in. However, it is not possible in Zope 2.7. I have created a user specifying a domain and leave the password for this user blank, and although I am in the domain, I have to log in. Anybody help me about it ? How can I create a user, specifying a domain, and if the user is in the domain does not have to log in? Thanks.- - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, March 09, 2004 12:36 PM Subject: Zope-Dev Digest, Vol 8, Issue 15 > Send Zope-Dev mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, visit > http://mail.zope.org/mailman/listinfo/zope-dev > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Zope-Dev digest..." > > > Today's Topics: > >1. Re: Re: Unexpected Behaviour iterating over catalog search... > (Dieter Maurer) >2. Zopeservice and sitecustomize (Sake) >3. Re: Zopeservice and sitecustomize (Chris McDonough) >4. RE: Zopeservice and sitecustomize (Tim Peters) >5. RE: Zopeservice and sitecustomize (Tim Peters) >6. Re: Re: Unexpected Behaviour iterating over catalog search... > (Chris Withers) >7. Re: [ZODB-Dev] Re: BTrees strangeness (was [Zope-dev] Zope > 2.X BIG Session problems - blocker - our site dies - need help of > experience Zope developer, please) (Alex V. Koval) > > > -- > > Message: 1 > Date: Mon, 8 Mar 2004 20:05:04 +0100 > From: Dieter Maurer <[EMAIL PROTECTED]> > Subject: Re: [Zope-dev] Re: Unexpected Behaviour iterating over > catalog search... > To: Jean Jordaan <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=us-ascii > > Jean Jordaan wrote at 2004-3-8 16:33 +0200: > >>> Surely the thing returned by a Catalog search should be immutable? > >> > >> Nope, it is "lazy"; immutability would require "realizing" it first, > >> which would be prohibitively expensive in many cases. > > > >Yes .. thing is, wrapping with list() or tuple() will therefore > >also be prohibitive in those cases, > > When you want to uncatalog everything, "tuple"ing the result should > not be a problem. > > Otherwise, a standard approach is to remember the objects you > want to delete in a standard list and iterate over this list > in a separate loop (outside the first one). > > -- > Dieter > > > > -- > > Message: 2 > Date: Tue, 09 Mar 2004 08:54:54 +0700 > From: Sake <[EMAIL PROTECTED]> > Subject: [Zope-dev] Zopeservice and sitecustomize > To: [EMAIL PROTECTED] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hi, > > I have Zope and Activestate Python installed together in the same win-xp > machine. Everything works fine until I've learned that I can put > "sys.setdefaultencoding('cp874')" into sitecustomize.py to accomodate my > native language coding. Since I do that, my Zope 2.7.0 service can no > longer start. I can start it manually from "runzope.bat", but it never > start through the windows system service. A full day investigation > reveal that the trouble cause by the missing of the > '\lib\python' in the system environment's "PYTHONPATH". > The "runzope.bat" set that up before then execution of > "Zope.Startup.run.py", hence it run fine. But "zopeservice.py" rely on > the "\bin\Lib\site-packages\sitecustomize.py" to set up > the correct "PYTHONPATH". Here is the code inside Zope's sitecustomize.py > > """ Add Zope packages in Windows binary distro to sys.path automagically """ > import sys > import os > try: > sp = __file__ > except: > sp = None > if sp: > dn = os.path.dirname > swhome = os.path.join(dn(dn(dn(dn(sp, 'lib', 'python') > if os.path.exists(swhome): > sys.path.insert(0, swhome) > > Unluckily, this sitecustomize.py is now masked with my sitecustomize.py > inside Activestate's site-package directory, which actually get loaded > by Zope via the Python registry load path > (HKEY_LOCAL_MACHINE\SOFTWARE\Python\PythonCore\2.3\PythonPath) instead > of the expected one. > > I don't think setting up PYTHONPATH inside sitecustomize.py is a good > idea. Better keep this mechanism for site specific problems. I'd rather > insert a line into zopeservice.py like this. > > import os.path > from os.path import dirname as dn > import sys > > # these are replacements from mkzopeinstance > PYTHONW = r'C:\Zope-2.7.0\bin\pythonw.exe' > SOFTWARE_HOME=r'C:\Zope-2.7.0\lib\python' > INSTANCE_HOME = r'C: