RE: [Zope] LoginManager - logging out

2000-12-21 Thread Mohan Baro

Thank you

Mohan.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bill
Anderson
Sent: Thursday, December 21, 2000 1:57 PM
To: [EMAIL PROTECTED]
Subject: Re: [Zope] LoginManager - logging out


Mohan Baro wrote:
 
 Its just not working for me.
 
 I am going to try  LoginManager + ZPatterns (hope it has a handy logout
 feature)


Well, you could look at the Membership product to see how we do it
there. :)
IIRC, it works fine with the latest LM and Zope.

Zpatterns won't provide a logout feature, since that is not it's
responsibility.

Bill


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] LoginManager - logging out

2000-12-20 Thread Bill Welch

Inspired by Jim Washington's recent post re 'Anonymous user', I was
reminded of a previous post in which someone suggested
http://garbage:x@yourSite would also clear the browser's credential.
Much faster and works in IE and Konqueror, but not Navigator or lynx. Very
easy to test, too.

first,
http://yourSite/manage
and login
then
http://garbage:x/yourSite/debug
and check other/AUTHENTICATED_USER

On Tue, 19 Dec 2000, Bill Welch wrote:

 Not true, depends on the browser. My tests indicate that Navigator and IE
 both trash the existing good credential with the garbage one and you're
 really logged out. Konqueror and lynx seem to hang on to the last
 successful authentication and this method doesn't log you out.


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-20 Thread Bill Welch

Up to this point, I've been talking about mechanisms for you, personally,
to log out to switch between developer and user roles for testing. 
Clearly, these mechanisms aren't appropriate for the users of your site.

I think LoginManager isn't the only choice, but I can't say, off hand,
what the other choices are.

Bill.

On Wed, 20 Dec 2000, Mohan Baro wrote:

 for me I need to log out completely.
 similar to what they do at ZOPE.ORG (login/logout)

 In fact I wouldn't mind a form based login system similar to zope.org
 
 Mohan.
 
 what you guys are saying is that
 1) using standard authentication ( I have a problem with logout)
 2) and I must use LoginManager + ZPatterns
 



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-20 Thread Mohan Baro

Its just not working for me.

I am going to try  LoginManager + ZPatterns (hope it has a handy logout
feature)

Mohan.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bill
Welch
Sent: Wednesday, December 20, 2000 9:45 AM
To: [EMAIL PROTECTED]
Subject: Re: [Zope] LoginManager - logging out


Inspired by Jim Washington's recent post re 'Anonymous user', I was
reminded of a previous post in which someone suggested
http://garbage:x@yourSite would also clear the browser's credential.
Much faster and works in IE and Konqueror, but not Navigator or lynx. Very
easy to test, too.

first,
http://yourSite/manage
and login
then
http://garbage:x/yourSite/debug
and check other/AUTHENTICATED_USER

On Tue, 19 Dec 2000, Bill Welch wrote:

 Not true, depends on the browser. My tests indicate that Navigator and IE
 both trash the existing good credential with the garbage one and you're
 really logged out. Konqueror and lynx seem to hang on to the last
 successful authentication and this method doesn't log you out.


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-20 Thread Oliver Bleutgen

 reminded of a previous post in which someone suggested
 http://garbage:x@yourSite would also clear the browser's credential.
 Much faster and works in IE and Konqueror, but not Navigator or lynx. Very
 easy to test, too.


Its just not working for me.

I am going to try  LoginManager + ZPatterns (hope it has a handy logout
feature)


Remember to press shift+reload in IE, this nasty thing just takes
the cached pages otherwise.
About LoginManager and ZPatterns, they won't help you for the
Basic http-authentication. This is really a client-side problem.

And finally, I reread a previous mail of  yours:

Thanks,

I have tried it.

dtml-raise type="Unauthorized"
Logout!!
/dtml-raise

I guess it logs me out. But it also gives me a login dialog box  it does
not accept any of the account. So I cannot log back in! Why?


Just a quick guess, is it possible that you reenter your credentials and
just reload the page which contains the above code which again causes
an "Unauthorized" to be raised (and therefore causes the browser to 
show the login-dialog again)?
Have you tried pointing your browser to another URI on that server?

cheers,
oliver



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-20 Thread Mohan Baro

Thanks for the tips:
1)the logout method work with shift+reload in IE (how would clear cached
pages from zope?)
2)the dtml-raise type="Unauthorized" method does not allow me to log back
in even when I try a redirect to a different page.

I am wondering if something is set incorrectly on my browser. If (2) works
for you it must work for me to??

Any way thanks for all the help  I get it to work I will post the
solution.

BTW
Do you know how the achieve [login/logout] at ZOPE.ORG ie Zope Portal
Toolkit ??



Mohan.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Oliver Bleutgen
Sent: Wednesday, December 20, 2000 1:01 PM
To: [EMAIL PROTECTED]
Subject: RE: [Zope] LoginManager - logging out


 reminded of a previous post in which someone suggested
 http://garbage:x@yourSite would also clear the browser's credential.
 Much faster and works in IE and Konqueror, but not Navigator or lynx.
Very
 easy to test, too.


Its just not working for me.

I am going to try  LoginManager + ZPatterns (hope it has a handy logout
feature)


Remember to press shift+reload in IE, this nasty thing just takes
the cached pages otherwise.
About LoginManager and ZPatterns, they won't help you for the
Basic http-authentication. This is really a client-side problem.

And finally, I reread a previous mail of  yours:

Thanks,

I have tried it.

dtml-raise type="Unauthorized"
Logout!!
/dtml-raise

I guess it logs me out. But it also gives me a login dialog box  it
does
not accept any of the account. So I cannot log back in! Why?


Just a quick guess, is it possible that you reenter your credentials and
just reload the page which contains the above code which again causes
an "Unauthorized" to be raised (and therefore causes the browser to
show the login-dialog again)?
Have you tried pointing your browser to another URI on that server?

cheers,
oliver



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-20 Thread Oliver Bleutgen

 Thanks for the tips:
 1)the logout method work with shift+reload in IE (how would clear cached
 pages from zope?)
 2)the dtml-raise type="Unauthorized" method does not allow me to log
 back
 in even when I try a redirect to a different page.

 I am wondering if something is set incorrectly on my browser. If (2) works
 for you it must work for me to??

No, 
actually I hadn't thought of redirecting, but I guess it can't work.
Either because the browser ignores the redirect after an 401 Unauthorized,
or because of the nature of dtml-raise which maybe prevents zope
from interpreting following code. Maybe someone can shed some light on that.

Perhaps you could try this:

dtml-unless "AUTHENTICATED_USER.getUserName()=='Anonymous User'"
dtml-raise type="Unauthorized"
Logout!!
/dtml-raise
/dtml-unless
You are now logged out!

Not very elegant (you have to enter one false login/pw combination
for the unless to work), but perhaps someone else has a better idea.

This may depend on why you want to log out - for just reaching
Anonymous "status" this seems the right thing.
Otherwise introducing a new kind of role might help "logout_user",
so you could test for that.


cheers,
oliver

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-19 Thread Mohan Baro

Thanks,

I have tried it.

dtml-raise type="Unauthorized"
Logout!!
/dtml-raise

I guess it logs me out. But it also gives me a login dialog box  it does
not accept any of the account. So I cannot log back in! Why?

What is going on here?

Mohan.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bill
Welch
Sent: Monday, December 18, 2000 11:06 AM
To: Mohan Baro
Cc: [EMAIL PROTECTED]
Subject: RE: [Zope] LoginManager - logging out


this is my logout DTML method

dtml-raise type="Unauthorized"
Logout!!
/dtml-raise

On Mon, 18 Dec 2000, Mohan Baro wrote:

 Can you please give an example of this code or method?

 Mohan.


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] LoginManager - logging out

2000-12-19 Thread Tim Cook

Mohan Baro wrote:
 
 Thanks,
 
 I have tried it.
 
 dtml-raise type="Unauthorized"
 Logout!!
 /dtml-raise
 
 I guess it logs me out. But it also gives me a login dialog box  it does
 not accept any of the account. So I cannot log back in! Why?
 

I'm not sure WHY it won't accept your username at this point.
BUT, it doesn't really logout you out either. If you hit the back
button a couple of times you'll notice that you are still logged
in.  The only way to logout using standard authentication is to
close the browser.

HTH,
-- Tim Cook, President --
Free Practice Management,Inc. | http://FreePM.com
Office: (901) 884-4126
Censorship: The reaction of the ignorant to freedom.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] LoginManager - logging out

2000-12-19 Thread Bill Welch

On Tue, 19 Dec 2000, Tim Cook wrote:

 Mohan Baro wrote:
  
  Thanks,
  
  I have tried it.
  
  dtml-raise type="Unauthorized"
  Logout!!
  /dtml-raise
  
  I guess it logs me out. But it also gives me a login dialog box  it does
  not accept any of the account. So I cannot log back in! Why?
  

The login dialog is the reauthentication opportunity that's your browser's
response to the 'Unauthorized' exception and that's normal. Don't know why
you can't log back in. Works for me in Navigator, IE, and Konqueror. Lynx
displayed an opportunity to reauthenticate once, and then only showed the
exception after that.

 I'm not sure WHY it won't accept your username at this point.
 BUT, it doesn't really logout you out either. If you hit the back
 button a couple of times you'll notice that you are still logged
 in.  The only way to logout using standard authentication is to
 close the browser.

Not true, depends on the browser. My tests indicate that Navigator and IE
both trash the existing good credential with the garbage one and you're
really logged out. Konqueror and lynx seem to hang on to the last
successful authentication and this method doesn't log you out.

Hitting the back button doesn't tell you anything about what credential
your browser is sending to the server. Try visiting a privileged page
after going back or look at the request that's actually being sent. Try
using this one line method (I call mine 'debug'):

dtml-var REQUEST

After visting yourSite/logout and trying to login as a garbage user at the
reauthentication opportunity (blanking the user name seems to work fine),
visit yourSite/debug. Check other/AUTHENTICATED_USER, Navigator and IE
show 'Anonymous User', Konqueror and lynx show the last good user.

Bill.



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-18 Thread Bill Welch

 authentication and that the browser caches the credential. This means
 unless you shut down your browser, whatever you do, you are back to
 square one.

Besides shutting down your browser, you trash its credential. Create a
simple DTML method that raises the 'Unauthorized' exception. Direct your
brower to that method. The browser will, in some form or manner, request
that you authenticate again. Now the important part, don't cancel the
reauthentication! Type in some garbage user name and password and send it.
Your brower will give you another chance to authenticate, but this one you
cancel and you're back to being anonymous as far as Zope is concerned.

Bill.


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-18 Thread Mohan Baro

Can you please give an example of this code or method?

Mohan.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bill
Welch
Sent: Monday, December 18, 2000 10:14 AM
To: [EMAIL PROTECTED]
Subject: RE: [Zope] LoginManager - logging out


 authentication and that the browser caches the credential. This means
 unless you shut down your browser, whatever you do, you are back to
 square one.

Besides shutting down your browser, you trash its credential. Create a
simple DTML method that raises the 'Unauthorized' exception. Direct your
brower to that method. The browser will, in some form or manner, request
that you authenticate again. Now the important part, don't cancel the
reauthentication! Type in some garbage user name and password and send it.
Your brower will give you another chance to authenticate, but this one you
cancel and you're back to being anonymous as far as Zope is concerned.

Bill.


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-18 Thread Mohan Baro

Where can I get more information on the following methods ( i.e which zope
documentation)

1) authenticate() as in dtml-call "AUTHENTICATED_USER.authenticate()"
2) logout()

Mohan


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-18 Thread Bill Welch

this is my logout DTML method

dtml-raise type="Unauthorized"
Logout!!
/dtml-raise

On Mon, 18 Dec 2000, Mohan Baro wrote:

 Can you please give an example of this code or method?
 
 Mohan.


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




RE: [Zope] LoginManager - logging out

2000-12-17 Thread Chalu Kim


No, you are right. It does not work. It is because LM's default login
method is Basic. Basic logout does not work because of Basic
authentication and that the browser caches the credential. This means
unless you shut down your browser, whatever you do, you are back to
square one.

The remedy is to change your login method to Cookie so that
AUTHENTICATED_USER.logout() works.

Good luck.

http://lists.zope.org/pipermail/zope/2000-December/037253.html
Title:  [Zope] LoginManager - logging out


 
 
   [Zope] LoginManager - logging out
Aleksander Salwa 
[EMAIL PROTECTED]
Sun, 17 Dec 2000 14:58:43 +0100 (CET)

 Previous message: [Zope] Windows NT: Changing default TCP port
 Next message: [Zope] how can you tell who created an object in Zope?
  Messages sorted by: 
  [ date ]
  [ thread ]
  [ subject ]
  [ author ]
 
   
  

I used this code in my logoutForm to logout user in my old setup
(LoginManager-0_8_7a1, ZPatterns-0-4-2a1 and Zope 2.2.1):
dtml-call AUTHENTICATED_USER.logout()

It doesn't work when using LoginManager-0-8-8b1 + ZPatterns-0-4-3b2 +
Zope 2.2.4.
I've found a work-around:
dtml-call acl_users.logoutUser(AUTHENTICATED_USER.getId())
It logouts user as expected.

But, can anybody tell me, why the former one doesn't work as it should ?


[EMAIL PROTECTED]

/--\
| `long long long' is too long for GCC |
\--/
















	 Previous message: [Zope] Windows NT: Changing default TCP port
	 Next message: [Zope] how can you tell who created an object in Zope?
  Messages sorted by: 
  [ date ]
  [ thread ]
  [ subject ]
  [ author ]
 
   



RE: [Zope] LoginManager - logging out

2000-12-17 Thread Aleksander Salwa

On Sun, 17 Dec 2000, Chalu Kim wrote:
 No, you are right. It does not work. It is because LM's default login
 method is Basic. Basic logout does not work because of Basic
 authentication and that the browser caches the credential. This means
 unless you shut down your browser, whatever you do, you are back to
 square one.

But I use cookie authentication all the time.


[EMAIL PROTECTED]

/--\
| `long long long' is too long for GCC |
\--/


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] LoginManager - logging out

2000-12-17 Thread Aleksander Salwa

 I used this code in my "logoutForm" to logout user in my old setup
 (LoginManager-0_8_7a1, ZPatterns-0-4-2a1 and Zope 2.2.1):
 dtml-call "AUTHENTICATED_USER.logout()"

(I assume this code is correct, as it is included in default logoutForm in
LoginManager.)

 It doesn't work when using LoginManager-0-8-8b1 + ZPatterns-0-4-3b2 +
 Zope 2.2.4.

I forgot to write HOW it fails:

Error Type: AttributeError
Error Value: logoutUser

Traceback (innermost last):
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/ZPublisher/Publish.py,
line 222, in publish_module
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/ZPublisher/Publish.py,
line 187, in publish
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/Zope/__init__.py,
line 221, in zpublisher_exception_hook
(Object: ProviderContainer)
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/ZPublisher/Publish.py,
line 171, in publish
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/ZPublisher/mapply.py,
line 160, in mapply
(Object: logoutForm)
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/ZPublisher/Publish.py,
line 112, in call_object
(Object: logoutForm)
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/OFS/DTMLDocument.py,
line 177, in __call__
(Object: logoutForm)
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/DocumentTemplate/DT_String.py,
line 528, in __call__
(Object: logoutForm)
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/DocumentTemplate/DT_Util.py,
line 337, in eval
(Object: AUTHENTICATED_USER.logout())
(Info: AUTHENTICATED_USER)
  File string, line 0, in ?
  File
/usr/local/digicool/Zope-2.2.4-linux2-x86/lib/python/Products/LoginManager/UserSources.py,
line 107, in logout
(Object: BetterLocalRolesMixin)
AttributeError: (see above)

 I've found a work-around:
 dtml-call "acl_users.logoutUser(AUTHENTICATED_USER.getId())"
 It logouts user as expected.
 
 But, can anybody tell me, why the former one doesn't work as it should ?


[EMAIL PROTECTED]

/--\
| `long long long' is too long for GCC |
\--/


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )