Thanks Douglas and Marius,
For the quick solution and the background. It's working fine.
2009/4/1 Marius Gedminas <mar...@gedmin.as>
> On Tue, Mar 31, 2009 at 02:09:34PM -0700, Douglas Cerna wrote:
> > Hi.
> > I had a similar error and fixed it modifying:
> > >>> browser.addHeader('Authorization', 'Basic mgr:mgrpw')
> > To:
> > >>> browser.addHeader('Authorization', 'Basic globalmgr:globalmgrpw')
> > Both principals are defined in the ftesting.zcml file of your project,
> > but just the globalmgr has the Manager role assigned.
> This is intentional and tends to expose bugs in your application.
> If you have an object without a correct __parent__ chain leading to the
> ZODB root, your object will never see local security grants (such as
> mgr:mgrpw has) so any users defined TTW won't be able to access it.
> The fix is to ensure that *every* object of your application has a
> (Note that this use of __parent__ for security is independent from
> containment -- you don't need your objects to provide ILocation, or have
> __name__'s -- the Zope 3 security mechanism looks at __parent__
> attributes without checking interfaces.)
> Marius Gedminas
> Life begins when you can spend your spare time programming instead of
> watching television.
> -- Cal Keegan
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> -----END PGP SIGNATURE-----
> Zope3-users mailing list
Zope3-users mailing list