On Jul 19, 2005, at 12:35 PM, Martijn Faassen wrote:

Martijn Faassen wrote:

Martijn Faassen wrote:

Hi there,

I'm trying to debug the security of a Zope 3 application (in Zope 3.1 beta) and I am having trouble getting ZOPE_WATCH_CHECKERS to work.

Note that I was trying this as matters are aggrevated by zope.app.exception.browser; there's a view registered for IUnauthorized which suppresses a traceback from appearing in the log, so it becomes extremely hard to debug security with that enabled. If I disable that, I do see a traceback, which at least helps me further.
This did help me further, until I realized that this view is in some way involved in presenting the login dialog as well, and disabling it doesn't let me log in. As a result, I am now stuck debugging this security issue. There must be a way others use that does work -- what am I missing? I only want to be able to see which permission on which object is failing.

Here are two choices:

- Go TTW to the root exception logger and configure it to not ignore Unauthorized exceptions. Provoke the problem again and then look at the exception TTW.

- log in using a standard server. stop your server and change the server to a PDB server in the config. Reprovoke; you'll be dumped in the code where the error is happening. The security environment is now a bit wonky so it is a bit problematic.


Zope3-dev mailing list
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com

Reply via email to