Hi all

I've run into something baffling regarding authentication.
For debugging purposes, my standard_html_header tells me:

  (I'm <em><dtml-var "AUTHENTICATED_USER.getUserName()"></em> and I have 
  <em><dtml-var "AUTHENTICATED_USER.getRoles()"></em> role(s).)

When I visit /docs, it tells me:

  (I'm Anonymous User and I have Anonymous role(s).) 

That's cool. Now I visit:


via a link from /docs, and I am prompted for username and
password. I add an instance of my ZClass, and am redirected
to /docs:

  <dtml-if "AUTHENTICATED_USER.has_role('ContentManager')">
  <dtml-comment> njj: Called from the public interface
    <dtml-call "RESPONSE.redirect(
    <dtml-call "RESPONSE.redirect(

(this is from ccDocClass_add). When I arrive I *still* see:

  (I'm Anonymous User and I have Anonymous role(s).) 

Now I edit the URL manually and visit /docs/manage, which
works *without* prompting me for authentication. I edit the 
URL back to /docs, and now I see: 

  (I'm docEditor and I have ContentManager and Manager role(s).)

Also, this doesn't *always* happen. Perhaps it's an IE problem?
Does anyone know exactly how this works?

Jean Jordaan   --    technical writer    --    
Mosaic Sofware --    Zope 2.16 on W2K

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to