Hello! I think a found a bug in ZODBUserManager.py in the updateUserPassword method.
To reproduce: Add users via ZMI (id | login) user1 | login1 user2 | login2 Everything works fine. Now edit the second user (by clicking on "password" in the ZODBUserManager ZMI) And choose "login1" without quotes for the login name, retype your password. You now see two users in your ZODBUserManager, but only the second one will work. The first user is somehow "overwritten", you cant delete him, or even use him for authentification. I browsed the source (om not so good at that so please forgive if I went the wrong way ;) ) And found the corresponding method "updateUserPassword" I think somewhere in this method the duplicate login check is missing, like in the method "addUser" if self._login_to_userid.get( login_name ) is not None: raise KeyError, 'Duplicate login name: %s' % login_name Maybe anyone knows how to fix this :) I do not. Cheers Dom _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas