Say I have a user in a root acl_users folder (call it 'admin'). I also have a PAS user folder in a sub-object of the root. This PAS is configured to do cookie auth, and users will typically login using a form.

Now, if I try to log in as 'admin' in that form, it doesn't work. I think this is why:


 - credentials are supplied via a form to the PAS cookie auth plugin

 - there is no such user, so it fails

- 'validate' returns None, so Zope goes to the next user folder (which the basic in the root where 'admin' lives)

- that one tries to validate but gets nothing: it looks for HTTP basic credentials, but finds nothing, since login is form based

Does this sound about right? Anybody have a strategy to get around this?

                --jcc
--
Enfold Systems, LLC
http://www.enfoldsystems.com

_______________________________________________
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas

Reply via email to