Dieter Maurer wrote:
I have a Plone instance named "/Home" -- do you mean that or a subfolder of it?Nikko Wolf wrote at 2005-6-7 14:25 -0600:- I do not want ANY access by unauthorized users. Obviously they must be able to reach a login page, and get instructions on how to request an account, password reset, etc.Put all content in a subfolder of your site and remove "View" and "Access contents information" from "Anonymous".
But of course, this killed my entire Plone installation.
I did as you suggested but (in hindsight stupidly!) did not ensure that anyone else had permissions to "View" and "Access contents information" -- so even logged in as a Manager I could not access the "/Home" folder -- including the Security tab where I would go to fix the problem. Which seems like a design flaw, but....
Fortunately, http://www.zope.org/Documentation/Misc/SECURITY.txt/view explains about using the emergency user via "zpasswd.py" script, so I fixed things but not until after a good bit of elevated blood pressure and a lot of profanity.
But this brings me to an issue I found weeks ago. Whilst trying to restrict access, I find that with an non-manager user:
http://myhost.com:8080/Home/ --- shows the root Plone page just as desired
http://myhost.com:8080/Home --- shows an "insufficient privileges" page (note the lack of a trailing slash).
Any one have ideas why this is, or how to fix this?
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )