[Checkins] SVN: bluebream/website/docs/v1.0/tutorial4.rst mention about default view for IUnauthorized exception

Baiju M baiju.m.mail at gmail.com
Tue Aug 17 23:56:25 EDT 2010


Log message for revision 115749:
  mention about default view for IUnauthorized exception
  

Changed:
  U   bluebream/website/docs/v1.0/tutorial4.rst

-=-
Modified: bluebream/website/docs/v1.0/tutorial4.rst
===================================================================
--- bluebream/website/docs/v1.0/tutorial4.rst	2010-08-18 03:48:50 UTC (rev 115748)
+++ bluebream/website/docs/v1.0/tutorial4.rst	2010-08-18 03:56:25 UTC (rev 115749)
@@ -289,11 +289,32 @@
 same three basic attributes the ``zope:principal`` directive had, but does
 not accept the login and password attribute.
 
+You also need to register a default view for ``IUnauthorized`` exception as
+given below.  Here the and implementation available in ``zope.app.http``
+package is included: ``zope.app.http.exception.unauthorized.Unauthorized``::
+
+  <view
+      for="zope.security.interfaces.IUnauthorized"
+      type="zope.publisher.interfaces.http.IHTTPRequest"
+      name="index"
+      permission="zope.Public"
+      factory="zope.app.http.exception.unauthorized.Unauthorized"
+      />
+
+  <browser:defaultView
+      for="zope.security.interfaces.IUnauthorized"
+      layer="zope.publisher.interfaces.http.IHTTPRequest"
+      name="index"
+      />
+
 Now your system should be secure and usable.  If you restart BlueBream now,
 you will see that only the ticket collector's Admin can freely manipulate
 objects.  (Of course you have to log in as one.)
 
+Important Note: While testing security related things use ``deploy.ini``.
+Otherwise you can remove ``z3c.evalexception`` middleware from ``debug.ini``.
 
+
 Conclusion
 ----------
 



More information about the checkins mailing list