I want to use pau, with session (cookie) based authentication. No basic
The problem is, when the pau is activated, the zope.manager defined in
zcml seems to be no longer accessible, effectively locking me out of the
What I think is happening is the pau appends a prefix to the principal
name, so that the principal, instead of being "zope.manager", becomes
"prefixzope.manager", which has no permissions anywhere.
I think my choices are the following.
1. make pau always look (last) in principalRegistry and return a
non-prefixed principal if found and validated
2. have my authentication plugin look in principalRegistry and assign
the same roles for the principals found in principalRegistry, but with
the pau prefix. This would happen when the plugin is created or on demand.
3. provide methods for my authentication plugin to generate an
emergency user for one of its valid principals
Or did I miss something in the documentation that gets around this?
Zope3-users mailing list