Re: [Zope-dev] Specify a domain and leave the password for a user blank
It's not a bug, in fact it's a cool way to allow different types of anonymous users. That's not to say that it's a fool-proof way of doing it, but it generally works, as long as you don't rely on it for any sort of security ;) . The thing is that in later zope versions the functionality has been turned off by default, and (at least for 2.6.2) you have to turn it on manually, like so: http://your.server/acl_users/setDomainAuthenticationMode?domain_auth_mode=1 The docstring for this method (from a zope 2.7.0 install) is as follows: """Set the domain-based authentication mode. By default, this mode is off due to the high overhead of the operation that is incurred for all anonymous accesses. If you have the 'Manage Users' permission, you can call this method via the web, passing a boolean value for domain_auth_mode to turn this behavior on or off.""" btw, the method is in /lib/python/AccessControl/User.py hth Phil Andreas Jung wrote: I think you are describing a flaw that had been removed in older versions. Does not sound like a feature but like a bug... -aj --On Dienstag, 9. März 2004 13:31 Uhr +0100 Juan Javier Carrera Obrero <[EMAIL PROTECTED]> wrote: Hi, In Zope 2.4 or older versions when a user is created, if you specify a domain and leave the password for a user blank, then anyone from the permitted domains automatically gets the user's roles without having to log in. However, it is not possible in Zope 2.7. I have created a user specifying a domain and leave the password for this user blank, and although I am in the domain, I have to log in. Anybody help me about it ? How can I create a user, specifying a domain, and if the user is in the domain does not have to log in? Thanks.- ___ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Specify a domain and leave the password for a user blank
I think you are describing a flaw that had been removed in older versions.
Does not sound like a feature but like a bug...
-aj
--On Dienstag, 9. März 2004 13:31 Uhr +0100 Juan Javier Carrera Obrero
<[EMAIL PROTECTED]> wrote:
Hi,
In Zope 2.4 or older versions when a user is created, if you specify a
domain and leave the password for a user blank, then anyone from the
permitted domains automatically gets the user's roles without having to
log in.
However, it is not possible in Zope 2.7. I have created a user specifying
a domain and leave the password for this user blank, and although I am in
the domain, I have to log in.
Anybody help me about it ? How can I create a user, specifying a domain,
and if the user is in the domain does not have to log in?
Thanks.-
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 09, 2004 12:36 PM
Subject: Zope-Dev Digest, Vol 8, Issue 15
Send Zope-Dev mailing list submissions to
[EMAIL PROTECTED]
To subscribe or unsubscribe via the World Wide Web, visit
http://mail.zope.org/mailman/listinfo/zope-dev
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Zope-Dev digest..."
Today's Topics:
1. Re: Re: Unexpected Behaviour iterating over catalog search...
(Dieter Maurer)
2. Zopeservice and sitecustomize (Sake)
3. Re: Zopeservice and sitecustomize (Chris McDonough)
4. RE: Zopeservice and sitecustomize (Tim Peters)
5. RE: Zopeservice and sitecustomize (Tim Peters)
6. Re: Re: Unexpected Behaviour iterating over catalog search...
(Chris Withers)
7. Re: [ZODB-Dev] Re: BTrees strangeness (was [Zope-dev] Zope
2.X BIG Session problems - blocker - our site dies - need help of
experience Zope developer, please) (Alex V. Koval)
--
Message: 1
Date: Mon, 8 Mar 2004 20:05:04 +0100
From: Dieter Maurer <[EMAIL PROTECTED]>
Subject: Re: [Zope-dev] Re: Unexpected Behaviour iterating over
catalog search...
To: Jean Jordaan <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii
Jean Jordaan wrote at 2004-3-8 16:33 +0200:
>>> Surely the thing returned by a Catalog search should be immutable?
>>
>> Nope, it is "lazy"; immutability would require "realizing" it first,
>> which would be prohibitively expensive in many cases.
>
> Yes .. thing is, wrapping with list() or tuple() will therefore
> also be prohibitive in those cases,
When you want to uncatalog everything, "tuple"ing the result should
not be a problem.
Otherwise, a standard approach is to remember the objects you
want to delete in a standard list and iterate over this list
in a separate loop (outside the first one).
--
Dieter
--
Message: 2
Date: Tue, 09 Mar 2004 08:54:54 +0700
From: Sake <[EMAIL PROTECTED]>
Subject: [Zope-dev] Zopeservice and sitecustomize
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi,
I have Zope and Activestate Python installed together in the same win-xp
machine. Everything works fine until I've learned that I can put
"sys.setdefaultencoding('cp874')" into sitecustomize.py to accomodate my
native language coding. Since I do that, my Zope 2.7.0 service can no
longer start. I can start it manually from "runzope.bat", but it never
start through the windows system service. A full day investigation
reveal that the trouble cause by the missing of the
'\lib\python' in the system environment's "PYTHONPATH".
The "runzope.bat" set that up before then execution of
"Zope.Startup.run.py", hence it run fine. But "zopeservice.py" rely on
the "\bin\Lib\site-packages\sitecustomize.py" to set up
the correct "PYTHONPATH". Here is the code inside Zope's sitecustomize.py
""" Add Zope packages in Windows binary distro to sys.path automagically
"""
import sys
import os
try:
sp = __file__
except:
sp = None
if sp:
dn = os.path.dirname
swhome = os.path.join(dn(dn(dn(dn(sp, 'lib', 'python')
if os.path.exists(swhome):
sys.path.insert(0, swhome)
Unluckily, this sitecustomize.py is now masked with my sitecustomize.py
inside Activestate's site-package directory, which actually get loaded
by Zope via the Python registry load path
(HKEY_LOCAL_MACHINE\SOFTWARE\Python\PythonCore\2.3\PythonPath) instead
of the expected one.
I don't think setting up PYTHONPATH inside sitecustomize.py is a good
idea. Better keep this mechanism for site specific problems. I'd rather
insert a line into zopeservice.py like this.
import os.path
from os.path import dirname as dn
import sys
# these are replacements from mkzopeinstance
PYTHONW = r'C:\Zope-2.7.0\bin\pythonw.exe'
SOFTWARE_HOME=r'C:\Zope-2.7.0\lib\python'
INSTANCE_HOME = r'C:\Zope-MIB
[Zope-dev] Specify a domain and leave the password for a user blank
Hi,
In Zope 2.4 or older versions when a user is created, if you specify a
domain and leave the password for a user blank, then anyone from the
permitted domains automatically gets the user's roles without having to log
in.
However, it is not possible in Zope 2.7. I have created a user specifying a
domain and leave the password for this user blank, and although I am in the
domain, I have to log in.
Anybody help me about it ? How can I create a user, specifying a domain, and
if the user is in the domain does not have to log in?
Thanks.-
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 09, 2004 12:36 PM
Subject: Zope-Dev Digest, Vol 8, Issue 15
> Send Zope-Dev mailing list submissions to
> [EMAIL PROTECTED]
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mail.zope.org/mailman/listinfo/zope-dev
> or, via email, send a message with subject or body 'help' to
> [EMAIL PROTECTED]
>
> You can reach the person managing the list at
> [EMAIL PROTECTED]
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Zope-Dev digest..."
>
>
> Today's Topics:
>
>1. Re: Re: Unexpected Behaviour iterating over catalog search...
> (Dieter Maurer)
>2. Zopeservice and sitecustomize (Sake)
>3. Re: Zopeservice and sitecustomize (Chris McDonough)
>4. RE: Zopeservice and sitecustomize (Tim Peters)
>5. RE: Zopeservice and sitecustomize (Tim Peters)
>6. Re: Re: Unexpected Behaviour iterating over catalog search...
> (Chris Withers)
>7. Re: [ZODB-Dev] Re: BTrees strangeness (was [Zope-dev] Zope
> 2.X BIG Session problems - blocker - our site dies - need help of
> experience Zope developer, please) (Alex V. Koval)
>
>
> --
>
> Message: 1
> Date: Mon, 8 Mar 2004 20:05:04 +0100
> From: Dieter Maurer <[EMAIL PROTECTED]>
> Subject: Re: [Zope-dev] Re: Unexpected Behaviour iterating over
> catalog search...
> To: Jean Jordaan <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=us-ascii
>
> Jean Jordaan wrote at 2004-3-8 16:33 +0200:
> >>> Surely the thing returned by a Catalog search should be immutable?
> >>
> >> Nope, it is "lazy"; immutability would require "realizing" it first,
> >> which would be prohibitively expensive in many cases.
> >
> >Yes .. thing is, wrapping with list() or tuple() will therefore
> >also be prohibitive in those cases,
>
> When you want to uncatalog everything, "tuple"ing the result should
> not be a problem.
>
> Otherwise, a standard approach is to remember the objects you
> want to delete in a standard list and iterate over this list
> in a separate loop (outside the first one).
>
> --
> Dieter
>
>
>
> --
>
> Message: 2
> Date: Tue, 09 Mar 2004 08:54:54 +0700
> From: Sake <[EMAIL PROTECTED]>
> Subject: [Zope-dev] Zopeservice and sitecustomize
> To: [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Hi,
>
> I have Zope and Activestate Python installed together in the same win-xp
> machine. Everything works fine until I've learned that I can put
> "sys.setdefaultencoding('cp874')" into sitecustomize.py to accomodate my
> native language coding. Since I do that, my Zope 2.7.0 service can no
> longer start. I can start it manually from "runzope.bat", but it never
> start through the windows system service. A full day investigation
> reveal that the trouble cause by the missing of the
> '\lib\python' in the system environment's "PYTHONPATH".
> The "runzope.bat" set that up before then execution of
> "Zope.Startup.run.py", hence it run fine. But "zopeservice.py" rely on
> the "\bin\Lib\site-packages\sitecustomize.py" to set up
> the correct "PYTHONPATH". Here is the code inside Zope's sitecustomize.py
>
> """ Add Zope packages in Windows binary distro to sys.path automagically
"""
> import sys
> import os
> try:
> sp = __file__
> except:
> sp = None
> if sp:
> dn = os.path.dirname
> swhome = os.path.join(dn(dn(dn(dn(sp, 'lib', 'python')
> if os.path.exists(swhome):
> sys.path.insert(0, swhome)
>
> Unluckily, this sitecustomize.py is now masked with my sitecustomize.py
> inside Activestate's site-package directory, which actually get loaded
> by Zope via the Python registry load path
> (HKEY_LOCAL_MACHINE\SOFTWARE\Python\PythonCore\2.3\PythonPath) instead
> of the expected one.
>
> I don't think setting up PYTHONPATH inside sitecustomize.py is a good
> idea. Better keep this mechanism for site specific problems. I'd rather
> insert a line into zopeservice.py like this.
>
> import os.path
> from os.path import dirname as dn
> import sys
>
> # these are replacements from mkzopeinstance
> PYTHONW = r'C:\Zope-2.7.0\bin\pythonw.exe'
> SOFTWARE_HOME=r'C:\Zope-2.7.0\lib\python'
> INSTANCE_HOME = r'C:
