[Grok-dev] Grokwiki Security in Eggified Grok

Steve Schmechel steveschmechel at yahoo.com
Sat Aug 18 01:00:47 EDT 2007

It used to be that editing securitypolicy.zcml and principals.zcml in
parts/instance/etc and adding "grok.define_permission" and
"grok.require" statements to the code, allowed one to require
authentication with proper permissions in order to edit pages.

Using current trunk code, it appears that the security directives go
into the buildout.cfg and are then copied into
parts/grokwiki/site.zcml.  However, tese settings seem to have little
effect.  (Even changing just the manager password that is built by

Instead of the app causing the browser to display a login/password
dialog when trying to edit, the browser is redirected to the admin
page, where a form-based login and password only responds to the
original grok/grok authentication.

Am I missing something simple?  Has something changed due to the new
(much nicer) admin page?  What is the proper way to apply security to
specific operations?  


Yahoo! oneSearch: Finally, mobile search 
that gives answers, not web links. 

More information about the Grok-dev mailing list