On Saturday 03 December 2005 01:30, Andrew Milton wrote: > +-------[ Gaute Amundsen ]---------------------- > > | > Since your index_html and docLogin both seem to require permissions to > | > view, > | > | No, no, and NO again. docLogin noes NOT require permission. > | I can access it without problem. If I cold not this would probably be a > | simple problem, and I would not be posting to the list. > | > | > I would check to make sure that your 'header' and 'footer' items > | > aren't doing something restricted. > | > > | > If you're using DTML, then I'd check that standard_html_header and > | > standard_html_footer. > | > > | > Make sure that in addition to the 'View' permission that also the > | > 'Access Contents information' permissions are set for Anonymous > | > on headers, footers and docLogin (and index_html if required). > | > | I am sorry, but I have been down that path numerous times, and it is all > | in order. > | > | I remove 'view' permission for anonymous from a folder or index.html file > | way below acl_users, and I get the described problem when I try to access > | it. I restore that permission, and everything displays properly. > | If I go to acl_users/docLogin directly, I can log in with cookies, and > | everything works fine. I believe that neatly eliminates the concerns you > | raise here. > > Not really d8) The primary cause for getting a Basic Auth Pop is because > your login form is attempting to do something that an Anonymous user > doesn't have permission to do.
Hm.. so if I have /foo/bar/baf/, and baf/ is protected, but I can view /foo/acl_users/docLogin, you think that docLogin still could be trying to touch something restricted? Upgraded to 0_20_1 now, but sill the same behavor. When I create an index.html inside acl_users it displays without complaint as well. I created a new acl_users from scratch, but no difference. > There's another acl_users between > exUserFolder and the content item (so it's getting the wrong user folder, > unlikely in this case), or you have an item in your page, header, or > footer that is duplicated at a lower level that has permissions missing.. You mean that /foo/bar/baf/index.html refers to /image.jpg which is outside /foo/acl_users/ "jurisdiction", and that triggers the Basic Auth Pop, after login succeeded and redirected to /foo/bar/baf/index.html? But if I remove the protection on baf/ and /foo/bar/baf/index.html then does not trigger the B.A. pop, how could that be? I suppose /image.jpg could be restricted for authenticated users, but not for anonymous, but that seems rather farfetched, and would not the error message indicate that? > E.g /a/b/c/docLogin works fine, but, /a/b/c/d/e/docLogin doesn't because > something at /a/b/c/d or lower is locked for Anon users, but, isn't at > /a/b/c In my terms: that image.jpg exists both at / and at /foo/bar/baf/, and that the last one is restricted beyond what I have access to even after having been sucsessfully logged in via /foo/acl_users/? > Does that make sense ? Sort of :) "successful login makes acquisition pick up something that is still restricted, and this triggers a B.A. pop before anything is displayed" Is that about it? Only it is slightly beside the point since my problem is not after login, but before. In other words that given /foo/bar/baf/index.html with baf/ restricted and the nearest UF at /foo/acl_users/, when I try /foo/bar/baf/index.html, I do not get redirected to /foo/acl_users/docLogin, but get the B.A. pop. I suppose something in the redirect part could be triggering the ba pop, sort of "on the way" to /foo/acl_users/docLogin. Ther is one on indication something like this is afoot, and that is that after I enabled debug messages after upgrading, the log reports two times in a row: DEBUG(-200) exUserFolder identify returned None, None with exactly the same timestamp. I will look into this now.. > | I was hoping it would be a product that many would be familiar with, and > | that as such it wold be a good reference point to grapple with the more > | general principles. Noting beats assistance from the author of course, > | but please don't insist on treating this as a newbee question :) > > Maybe if you saw my INBOX you'd understand d8) Well, I can imagine :) These are not easy matters to write clearly and simlpy about, but I hope this is better. Thanks for your patience :) G. -- -- ----------------------------------------------------------------- Gaute Amundsen "Technology today is the campfire [EMAIL PROTECTED] around which we tell our stories. There's this attraction to light and to this kind of power, which is both warm and destructive." Laurie Anderson http://www.div.org -------------------------------------------------------------------- _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )