Hello, I'm still desperately trying to figure out the PluggableAuthentication.
I perform the following steps: 1) Create an instance of my folderish, possible site (named A), content object. 2) I create a site in it. 3) I add a PAU in the default software space 4) I add a SessionCredentialsPlugin and a PrincipalFolder as plugins. 5) I create a internal principal with "Title" = "zope.Manager" (tried also other ones). name = abc 6) In the SessionCredentialsPlugin I leave to "loginForm.html". I've a loginForm.html view in my A-object) 7) I register all components (SessionCreadentiasPlugin, PrincipalFolder and PAU) 8) Now I access a view obect A-object that requires certain permissions that which the role of abc have. 9) I get redirected to the loginForm.html I've defined. 10) I provide the user credentials of testuser. 11) I've set a breakpoint in zope/app/authentication/principalfolder.py(274)authenticateCredentials() The credentials are extracted correctly: (Pdb) credentials {'login': u'abc', 'password': u'123'} The password check also validates: it executes that line: 284 return PrincipalInfo(self.prefix + id, internal.login, internal.title, 285 internal.description) But now the authenticateCredentials function is called a second time with empty credentials which of course makes it return None. 12) I'm redirected to the loginForm.html again, though the loginForm.html form header is like <form method="post" enctype="multipart/form-data" action="http://URL from cameform" 13) The ErrorReportingUtility show two unauthorized execeptions. The first one with User: unauthenticated, zope.anybody, Unauthenticated User, The second one with User: unauthenticated, cs1, CS.User, (cs is my prefix, CS.User one of the roles I tried) Whis is ok IMO, since the first call is made without authorization. By why does if fail at the second time. Hope somebody can englight me... Thanks, Florian _______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users