Todd Wilson wrote:
I just joined the list, and I am following up on a post in the archive
(sorry -- there wasn't a way to do this directly, so I don't know if
this message will end up in the same thread).
On 10/1/05, Lennart Regebro <regebro at gmail.com> wrote:
On 10/1/05, Milind Khadilkar <zedobject at gmail.com> wrote:
> I have installed Zope 3.1 rc 3. After logging in, I could not find any
> logout button.
There is no way to consistently log out from Basic HTTP authorization...
> Is it OK to directly shut the browser window ( I am using Firefox)?
I am writing for clarification on Lennart's answer to Milind's question.
In the many screenshots of the ZMI that can be seen in Philip von
Weitershausen's book ("Web Component Development with Zope 3", Springer,
2005), one can definitely see "[Logout]" in the upper-right corner of
the ZMI page. Like Milind, however, my installation of Zope 3.1.0 does
not have this link in its ZMI pages.
Is the absence of "[Logout]" in the latest version(s) because the
developers realized that it was misleading (as Lennart is suggesting)
and best left off, or is there another reason? Given the sensitive
nature of some Zope deployments, the management password seems very well
worth protecting. How about using a secure login (e.g., https) and
sessions, which is capable of supporting a true logout?
You can try the pluggable auth util (PAU)...
To add one to your site
Manage Site -> Site Management -> Authentication (Unique Utilites)
Add a Session Credentials Plugin
Manage Site -> tools -> PluggableAuthentication
Edit the form to add 'Session Credentials' and submit Change
You'll now get a sessions based login form when you login to that site.
But you'll now need a 'Authenticator Plugin' to get in ... you can add a
Principal Folder Plugin to the PAU, then add principal(s) to it.
To get a [Logout] link you'll need to add the following zcml directive..
As for the https you could use apache as a proxying front end. I
believe the current dev. version of zope 3.2 uses twisted which may
offer https services, but I know next to nothing about it.
Hey I just realised I missed something, how do you assign roles to
principles using a PrincipleFolder above?
Zope3-users mailing list