Tres Seaver wrote:
The machinery won't be invoked for requests which don't need to validate (e.g., for resources viewable by Anonymous). Could that be the case for you?
No. Closer inspection seems to show that I actually don't get PAS to do anything at all. It is simply ignored, unless I put it into the root, in which case I can't do anything, since it doesn't care of emergency_user.
So I'm completely stumped.
Here is what I just did:
1. Created a folder, 'pas_test' in the root of my Zope, with a minimal 'index_html'.
2. Changed its security settings, removing "acquire" from the "View" permission and granting "View" to "Manager" and "Owner".
3. Verified that I could not view the folder as anonymous (got an HTTP basic auth challenge).
4. Added a PluggableAuthService, with the following plugins (all interfaces activated for each plugin):
- 'basic_auth', an HTTPBasicAuthHelper
- 'zodb_users', a ZODBUserManger
- 'zodb_roles', a ZODBRoleManager
5. In 'zodb_users', created a new user, 'tseaver'.
6. In 'zodb_roles', granted the "Owner" role to 'tseaver'.
7. Reloaded the anonymous window, got challenged, entered 'tseaver' and the password, and saw the page.
Tres. -- =============================================================== Tres Seaver [EMAIL PROTECTED] Zope Corporation "Zope Dealers" http://www.zope.com
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce