[Zope3-dev] z3+squid+Unauthorized = weirdness
Adam Groszer
adamg at fw.hu
Wed Dec 20 08:36:59 EST 2006
Hello,
Just happened the following:
zope3
server
|
|
squid proxy
/ \
/ \
/ \
userA userB
Both my users are sitting behind a squid proxy/firewall.
That is a usual out-of-the-box SuSe linux firewall/proxy config.
Each request goes through the squid proxy.
userA does NOT have permission to http://zope3/ap_test/folder1.
userB has permission to everything, including http://zope3/ap_test/folder1,
he might even be a zope.manager.
1. userA accesses http://zope3/ap_test/folder1
2. userA gets the usual "Unauthorized, You are not authorized" message
3. userB accesses http://zope3/ap_test/folder1
4. BANG!, userB gets also the "Unauthorized, You are not authorized" message
Investigating further, the request at 3. does not get to the zope3
server. It got served by squid.
Adding the "no-store, no-cache, must-revalidate" etc. headers to the
Unauthorized page solves the problem.
Any opinions about that? Is it my mistake, a squid bug, a Z3 bug?
--
Best regards,
Adam mailto:adamg at fw.hu
--
Quote of the day:
Reality is for people who can't cope with fantasy.
More information about the Zope3-dev
mailing list