Tres Seaver wrote:
Here is what I just did:

 1. Created a folder, 'pas_test' in the root of my Zope, with a
    minimal 'index_html'.

 2. Changed its security settings, removing "acquire" from the "View"
    permission and granting "View" to "Manager" and "Owner".

 3. Verified that I could not view the folder as anonymous (got an
    HTTP basic auth challenge).

 4. Added a PluggableAuthService, with the following plugins (all
    interfaces activated for each plugin):

    - 'basic_auth', an HTTPBasicAuthHelper

    - 'zodb_users', a ZODBUserManger

    - 'zodb_roles', a ZODBRoleManager

 5. In 'zodb_users', created a new user, 'tseaver'.

 6. In 'zodb_roles', granted the "Owner" role to 'tseaver'.

 7. Reloaded the anonymous window, got challenged, entered
    'tseaver' and the password, and saw the page.

OK, thanks, this is what I discovered after doing this:

1. After I do all your stuff above, when I remove the HTTPBasicAuthHelper everything still works. I can still log in, even though there is no credential extractor active. That makes no sense.

2. After I create my plugin, it still gets no calls... However, BasicAuthentication stops working.

So now at least I know that PAS is involved in what happens.
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - )

Reply via email to