subject:"\[Zope\-PAS\] Re\: Strange authorization problems in subfolders under PAS"

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS

2005-11-22 Thread Tres Seaver

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[EMAIL PROTECTED] wrote:
> Hi Tres (and list),
> 
> 
>>>One thing to try: enable VerboseSecurity ('verbose-security on'
>>>in your zope.conf file),
>>
>>I'll try that tomorrow when I am back at work -- thanks for the hint.
> 
> 
> now things indeed become clearer -- thanks again for the hint:
> the problem lies with all new objects that are generated within
> a folder under control of PAS under my setup. Although
> 'user/getUserName' in a TAL-script returns user 'zopeadmin',
> the owner of a newly created object is said to be 'auth_zopeadmin' --
> which, of course, does not exist and brings along all kinds of
> authorization problems. 

The user's ID is probably 'auth_zopeadmin', while the login name is
'zopeadmin';  this assumes that your user source (a ZODBUserManager?)
uses the prefix, 'auth'.  If you show 'user/getId', is it 'auth_zopeadmin'?



Tres.
- --
===
Tres Seaver  +1 202-558-7113  [EMAIL PROTECTED]
Palladion Software   "Excellence by Design"http://palladion.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDgyDt+gerLs4ltQ4RAk3AAKC7bUEMXhvXE8CLozS5Spq+KHgEawCghdgH
3LBdBLn+A+o4gh0aViNONE0=
=DJ/e
-END PGP SIGNATURE-

___
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS

2005-11-22 Thread bernd . grobauer

Hi Tres (and list),

>> One thing to try: enable VerboseSecurity ('verbose-security on'
>> in your zope.conf file),
>
>I'll try that tomorrow when I am back at work -- thanks for the hint.

now things indeed become clearer -- thanks again for the hint:
the problem lies with all new objects that are generated within
a folder under control of PAS under my setup. Although
'user/getUserName' in a TAL-script returns user 'zopeadmin',
the owner of a newly created object is said to be 'auth_zopeadmin' --
which, of course, does not exist and brings along all kinds of
authorization problems. 

I am probably making some obvious mistake in configuring PAS?

Regards,

Bernd
___
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS

2005-11-21 Thread bernd . grobauer

Hi Tres,

thanks for the reply (and sorry for the repost of the original message -- I 
thought it had no reached the mailing list the first time
when indeed it did)


>> Rootfolder (with standard userfolder acl_users in it)
>> |
>> +--test (with PAS userfolder acl_users in it)
>> |
>> +---subfolder
>> index_html (a Python Script)
>
>where is 'index_html' located? Is it in the ZODB root?

No, my ASCII graphics got messed up: index_html is in 'subfolder' --
that is where I have my problems -- both in toplevel and in test
everything works fine.

> One thing to try: enable VerboseSecurity ('verbose-security on'
> in your zope.conf file),

I'll try that tomorrow when I am back at work -- thanks for the hint.

Regards,

Bernd
___
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS ac_users object

2005-11-21 Thread Tres Seaver

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[EMAIL PROTECTED] wrote:
> Hi list,
> 
> the following question may be trivial to you; I tried to do my best to
> find things out by myself, but did not manage to find anything.
> 
> Here is what I have (on Zope 2.7.5 with 1.0.3 of PAS)
> 
> Rootfolder (with standard userfolder acl_users in it)
> |
> +--test (with PAS userfolder acl_users in it)
> |
> +---subfolder
> index_html (a Python Script)
> 
> My problem is that if index_html contains, say, "script.title", I
> get the error message that I do not have authorization to use 'title'
> in this context. That changes when I take the whole 'test' folder
> and copy it into, say 'test2'. Then "script.title" works fine,
> but if I make another script, things like "script.title" do
> not work -- unless I copy the whole thing to 'test3'...
> 
> Am I missing something obvious? If you already know what's happening,
> please tell me! If not, below are some more details!

where is 'index_html' located?  Is it in the ZODB root?

One thing to try:  enable VerboseSecurity ('verbose-security on' in your
zope.conf file), and retry -- it may give you more information about the
specific reason for the Unauthorized exception.


Tres.
- --
===
Tres Seaver  +1 202-558-7113  [EMAIL PROTECTED]
Palladion Software   "Excellence by Design"http://palladion.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDgemP+gerLs4ltQ4RAjU8AKDUxF3Ne1OjfVmFltaB+F85vkVNQACfUhc6
BxsLRqIwfnoKbkoaM1h//NY=
=cfLR
-END PGP SIGNATURE-

___
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS

[Zope-PAS] Re: Strange authorization problems in subfolders under PAS ac_users object

4 matches

Site Navigation

Mail list logo

Footer information