+-------[ Gaute Amundsen ]----------------------
| Can anyone tell me what the argument "roles" to the methods validate and  
| authorize is supposed to be? 

Roles should be the list of roles required for access. If no roles are passed
the security mechanism is supposed to query the object for the roles needed
for access...

| The reason I ask is that I suspect that a previous developer has done 
| something that has made "roles" contain 'Anonymous user' when it should not, 
| and that this interferes with the propper functioning of login at our sites.

That in and of itself isn't a problem. The 'View' permission e.g. could
require 'Anonymous user', 'Manager', or 'Owner' roles..

However, if a USER has the Anonymous role, that could be causing an issue...

Andrew Milton
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to