true enough.

at its simplest level, I've been trying to just import xmlrpclib and use it
normally in scripts.  I used my __init__.py to allow_module('xmlrpclib'),
which has stopped it from throwing security errors.  however, when I
actually run a test script, I get the following:

Error Type: Fault
Error Value: <Fault 1: 'exceptions.Exception:method
"echo.__roles__.__contains__" is not supported'>

error_log has this traceback:
Traceback (innermost last):
  Module ZPublisher.Publish, line 101, in publish
  Module ZPublisher.mapply, line 88, in mapply
  Module ZPublisher.Publish, line 39, in call_object
  Module Shared.DC.Scripts.Bindings, line 306, in __call__
  Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec
  Module Products.PythonScripts.PythonScript, line 323, in _exec
  Module None, line 5, in testXRPC
   - <PythonScript at /pro4/testXRPC>
   - Line 5
  Module xmlrpclib, line 1029, in __call__
  Module xmlrpclib, line 1316, in __request
  Module xmlrpclib, line 1080, in request
  Module xmlrpclib, line 1219, in _parse_response
  Module xmlrpclib, line 742, in close
Fault: <Fault 1: 'exceptions.Exception:method "echo.__roles__.__contains__"
is not supported'>

I can watch the "POST /RPC2" messages increment on my xml-rpc server, so I
know the message is getting through.  but the xmlrpc server isn't built with
Zope in mind, so "__roles__.__contains__" makes it cough a Fault back at me.

the code I have in the python script is as simple as:

import xmlrpclib
server = xmlrpclib.ServerProxy("http://localhost:9999";)
server.echo('this is a test')

echo just sends the recieved string back.  it works from command line, but
that's not surprising...  I could be wrong about where or how it's failing,
but the traceback looks like the message is getting there, and returning
with the "echo" method having been wrapped in a zope security check, thus
faulting at the server...

Thanks for any help...  this list is the best I've participated in.  You
guys are awesome.

-----Original Message-----
From: Chris Withers [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 07, 2005 8:35 AM
To: Pete Taylor; zope@zope.org
Subject: Re: [Zope] Product creation difficulty

(keep replies on the list, more people can help that way)

Pete Taylor wrote:

> thanks man.  doing it that way has cleared up the security problem.  i've
> run into others trying to access xml-rpc methods remotely (zope keeps
> passing the __roles__ checks back to the xmlrpc server, which says "i
> know what you're talking about", etc)

You'd have to give us more information if you want help with that, it 
sounds like something bizarre is happening that shouldn't ;-)



Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk

CONFIDENTIAL NOTICE: This email including any attachments, contains 
confidential information belonging to the sender. It may also be 
privileged or otherwise protected by work product immunity or other 
legal rules. This information is intended only for the use of the 
individual or entity named above.  If you are not the intended 
recipient, you are hereby notified that any disclosure, copying, 
distribution or the taking of any action in reliance on the contents 
of this emailed information is strictly prohibited.  If you have 
received this email in error, please immediately notify us by 
reply email of the error and then delete this email immediately.
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to