Hi Jason,

Jason Lee wrote:
> 
> I'm fairly new to Zope, so this may be a dumb question, and my vocabulary could
> be wrong, so please bear with me.
> 
> I'm in the middle of building an e-commerce solution for my company, and we're
> evaluating Zope (and PHP and Servlets, but that's immaterial) as the platform on
> which to base this solution.  That doesn't necessarily mean anything other than
> to give you context.  One of the problems I'm facing right now is how to display
> a particular object based on a value.  For example, let's say a user tries to
> access www.foo.com/MyAccount/CCInfo.  If the user has authenticated, I need to
> show him the obviously sensitive data he has requested.  If he is not
> authenticated, however, I need to give him a login screen which, for argument's
> sake, is in the DTML document Login in the root folder.  How would I go about
> doing that?  Am I making sense?  Thanks...

We have done it for an (closed to the public) e-commerce solution which 
could not be done with http-authentication (we have 2 user-names and one
password for authentication for historical reasons)
Se we needed a solution and found it as a simple solution with the
standard
header of all documents wich include some kind of session-management
down
the protected path. If the user is authenticated, the session management
keeps
track of it and provides useful data to all pages where it is included.
If the session is timed out or a not authenticated user tries to access
some
pages, the session-management (a dtml-method) sends a redirect to 
the login-page.

I can give a more detailed description on request. 

But at least: yes, you can do it; yes, it makes sense

HTH
Tino Wildenhain

_______________________________________________
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to