Hash: SHA1

Mark Phillips wrote:
> On Wed, 2008-01-30 at 12:06 -0500, Jens Vagelpohl wrote:
>> On Jan 30, 2008, at 17:39 , Mark Phillips wrote:
>>> I figured out where the plugins are - acl_users for my plone site,
>> not
>>> the root level acl_users, right?
>> Plone has the annoying habit of replacing the root user folder as 
>> well, so it might be helpful to look there as well.
> They are the same
>>> I then removed Unauthorized from the swallowed exceptions, and added
>>> verbose-security to zope.conf. I then tried to login, and no error
>>> messages.
>>> I am reading the "How to debug Plone" using pdb, but I don't know 
>>> where
>>> to start with a break point. I don't know the process for login in
>>> plone/zope. Any tutorials on that? I couldn't find any.
>> I can't say much about Plone, but in many cases you can "follow the 
>> code" by looking at the source of that login page. From there you see 
>> where it posts to, and what code is invoked to check credentials, or 
>> which conditions must be met for the login page to be shown again,
>> etc.
>> You may find more helpful answers by asking on a Plone-specific list, 
>> by the way.
> I have, but no response......
> Thanks for your help!!

Try disabling the 'login_page' property of the cookie auth plugin, so
that a "normal" HTTP basic auth prompt happens.  Then, enable
'verbose-security' (and 'security-policy-implementation python') in
zope.conf, and unmask Unauthorized in the error_log object:  you should
get a traceback which shows why the logged in user is not allowed to see
the page requested.

- --
Tres Seaver          +1 540-429-0999          [EMAIL PROTECTED]
Palladion Software   "Excellence by Design"    http://palladion.com
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Zope-PAS mailing list

Reply via email to