Simon Michael wrote at 2005-8-12 17:11 -0700:
> ...

We will switch to Zope 2.8.1 within the next 2 to 3 weeks.

As ZSyncer is a vital product for us, I will be forced to fix
any problem it may have with Zope 2.8.1 and I will report back.

Note, that we use a ZSyncer version which no longer uses XML-RPC
but "ZPublisher.Client" to make its remote requests.
When I remember right, Paul incorporated this change in some
recent "ZSyncer" version. Are you using a current version?
In that case, the problem is probably either

  *  "ZPublisher.Client" no longer passing authentication
     info correctly (less likely -- almost surely nothing
     was changed there)

  *  much more likely:

     the "validateValue" in "Products.ZSyncer.ZSyncer.ZSyncer.call_"
     no longer works.

    def call_(self,request):
        '''decode *request* and execute it.'''
        method,args= loads(request)
        m= getattr(self,method)
        if not getSecurityManager().validateValue(m):
            raise Unauthorized
      Jim had to change parts of the permission system for Zope 2.8
      to the effect that validation without name is no longer
      possible. This means that "validateValue" must
      try to get a name and there may be a bug in the name detection.

      Try replacing "validateValue(m)" by
      "validate(self, self, method, m)".

Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to