On Saturday 03 December 2005 01:30, Andrew Milton wrote:
> +-------[ Gaute Amundsen ]----------------------
> | > Since your index_html and docLogin both seem to require permissions to
> | > view,
> | No, no, and NO again. docLogin noes NOT require permission.
> | I can access it without problem. If I cold not this would probably be a
> | simple problem, and I would not be posting to the list.
> | > I would check to make sure that your 'header' and 'footer' items
> | > aren't doing something restricted.
> | >
> | > If you're using DTML, then I'd check that standard_html_header and
> | > standard_html_footer.
> | >
> | > Make sure that in addition to the 'View' permission that also the
> | > 'Access Contents information' permissions are set for Anonymous
> | > on headers, footers and docLogin (and index_html if required).
> | I am sorry, but I have been down that path numerous times, and it is all
> | in order.
> | I remove 'view' permission for anonymous from a folder or index.html file
> | way below acl_users, and I get the described problem when I try to access
> | it. I restore that permission, and everything displays properly.
> | If I go to acl_users/docLogin directly, I can log in with cookies, and
> | everything works fine. I believe that neatly eliminates the concerns you
> | raise here.
> Not really d8) The primary cause for getting a Basic Auth Pop is because
> your login form is attempting to do something that an Anonymous user
> doesn't have permission to do.
so if I have /foo/bar/baf/, and baf/ is protected, but I can
view /foo/acl_users/docLogin, you think that docLogin still could be trying
to touch something restricted?
Upgraded to 0_20_1 now, but sill the same behavor.
When I create an index.html inside acl_users it displays without complaint as
I created a new acl_users from scratch, but no difference.
> There's another acl_users between
> exUserFolder and the content item (so it's getting the wrong user folder,
> unlikely in this case), or you have an item in your page, header, or
> footer that is duplicated at a lower level that has permissions missing..
You mean that /foo/bar/baf/index.html refers to /image.jpg which is
outside /foo/acl_users/ "jurisdiction", and that triggers the Basic Auth Pop,
after login succeeded and redirected to /foo/bar/baf/index.html?
But if I remove the protection on baf/ and /foo/bar/baf/index.html then does
not trigger the B.A. pop, how could that be?
I suppose /image.jpg could be restricted for authenticated users, but not for
anonymous, but that seems rather farfetched, and would not the error message
> E.g /a/b/c/docLogin works fine, but, /a/b/c/d/e/docLogin doesn't because
> something at /a/b/c/d or lower is locked for Anon users, but, isn't at
In my terms: that image.jpg exists both at / and at /foo/bar/baf/, and that
the last one is restricted beyond what I have access to even after having
been sucsessfully logged in via /foo/acl_users/?
> Does that make sense ?
Sort of :)
"successful login makes acquisition pick up something that is still
restricted, and this triggers a B.A. pop before anything is displayed"
Is that about it?
Only it is slightly beside the point since my problem is not after login, but
before. In other words that given /foo/bar/baf/index.html with baf/
restricted and the nearest UF at /foo/acl_users/, when I
try /foo/bar/baf/index.html, I do not get redirected
to /foo/acl_users/docLogin, but get the B.A. pop.
I suppose something in the redirect part could be triggering the ba pop, sort
of "on the way" to /foo/acl_users/docLogin.
Ther is one on indication something like this is afoot, and that is that after
I enabled debug messages after upgrading, the log reports two times in a row:
DEBUG(-200) exUserFolder identify returned None, None
with exactly the same timestamp.
I will look into this now..
> | I was hoping it would be a product that many would be familiar with, and
> | that as such it wold be a good reference point to grapple with the more
> | general principles. Noting beats assistance from the author of course,
> | but please don't insist on treating this as a newbee question :)
> Maybe if you saw my INBOX you'd understand d8)
Well, I can imagine :)
These are not easy matters to write clearly and simlpy about, but I hope this
Thanks for your patience :)
Gaute Amundsen "Technology today is the campfire
[EMAIL PROTECTED] around which we tell our stories.
There's this attraction to light
and to this kind of power, which is
both warm and destructive."
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -