Andre Schubert wrote:
But is there a way to find out that the current REQUEST comes from joe
and joe has no user object in the root acl_users.
If you're doing this because you're worried that Joe won't later be able to view
the protected document, don't worry, Zope will handle that for you
Hi all,
I have a question on the security system of zope.
First i have a folder called foo in the root with acl_users and a doc
called foo_doc:
root/
bar_doc
foo/
acl_users/
joe
foo_doc
If Anonymous users could'nt view the foo_doc. This means only logged in
users
Andre Schubert writes:
... direct access to authentication credentials ...
You cannot ask Zope about the user identity because
it does not visit the authenticating user folder
in the described case.
If you use basic authentication (the Zope default), then
you can read "REQUEST._auth" to get
