I'm at my wit's end. Any help is appreciated. Yes, I have worn Google out trying to figure this out.

In my (yeah, yeah, I know) DTML method, I have structured things like so:

<dtml-call pyCheckSession> <-- a Python script that checks whether the user is allowed to see the page
   <dtml-var mvp_header> <-- header include
   Sundry HTML/DTML

I am running Zope 2.9.2 and Python 2.4.2 on Mac OS X 10.4.6. I have the stock session manager objects installed (Transient Object Container, Session Data Manager, and Browser Id Manager).

When I am not logged in and I go to an unauthorized page, the response location appears to get set as desired, but the redirect does not happen. Instead, the page from the original URL still renders (not very secure, I'd say).

The URL I hit was:


Here are the relevant bits from pyCheckSession:

request = container.REQUEST

session = request.SESSION
url = ''

if len(session.keys()) == 0:
   "User is not logged in"
   url = '/www/nmact/MVP/website/login_html'

if url <> '':
        "If we have need to, bump the user out"

Here are the contents of the response object:

   HTTP/1.1 302 Moved Temporarily
   Server: Zope/(Zope 2.9.2-, python 2.4.2, darwin) ZServer/1.1
   Date: Tue, 23 May 2006 22:05:51 GMT
   Content-Length: 0
   Location: /www/nmact/MVP/website/login_html

To reiterate, the response location appears to get set to login_html, but the content of mymvp_html still renders. What am I doing wrong?

[EMAIL PROTECTED] / http://clearwired.com
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to