I think a found a bug in ZODBUserManager.py in the updateUserPassword
Add users via ZMI (id | login)
user1 | login1
user2 | login2
Everything works fine.
Now edit the second user (by clicking on "password" in the
And choose "login1" without quotes for the login name, retype your
You now see two users in your ZODBUserManager, but only the second one
The first user is somehow "overwritten", you cant delete him, or even
use him for authentification.
I browsed the source (om not so good at that so please forgive if I went
the wrong way ;) )
And found the corresponding method "updateUserPassword"
I think somewhere in this method the duplicate login check is missing,
like in the method "addUser"
if self._login_to_userid.get( login_name ) is not None:
raise KeyError, 'Duplicate login name: %s' % login_name
Maybe anyone knows how to fix this :) I do not.
Zope-PAS mailing list