On Saturday 01 April 2006 21:02, David Johnson wrote: > I have created and am using a custom ILoginPassword (an updated version of > what's in Phillip's book - cookieauth), and Zope does not seem to raise the > Unauthorized exception for unauthorized users. > > In otherwords, if a user who is not authenticated tries to access a page > they are not authorized for, they allowed to. When and how is the > unauthorized exception raised? Why does adapting ILoginPassword seem to > disable that?
You have to give us more information than that? I think the book discusses the old pluggableauth, which is not used anymore. In PAU, you can configure the behavior. You shoudl read the text files associated with zope.app.authentication. Regards, Stephan -- Stephan Richter CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student) Web2k - Web Software Design, Development and Training _______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users