I have created and am using a custom ILoginPassword (an updated version of what’s in Phillip’s book - cookieauth), and Zope does not seem to raise the Unauthorized exception for unauthorized users.
In otherwords, if a user who is not authenticated tries to access a page they are not authorized for, they allowed to. When and how is the unauthorized exception raised? Why does adapting ILoginPassword seem to disable that?
_______________________________________________ Zope3-users mailing list Zope3email@example.com http://mail.zope.org/mailman/listinfo/zope3-users