[Zope-CMF] Login troubles.

John Morton jwm@plain.co.nz
Tue, 29 Jan 2002 15:56:48 +1300


On Saturday 26 January 2002 02:12, Tres Seaver wrote:
> John Morton wrote:
> > I've just moved a portal site from one server to another, upgrading from
> > python2.1.1 -> 2.1.2 on both servers in the process. Both are using the
> > same set of products (CMF-1.2 + Decor, Collector and Wiki from the same
> > CVS snapshot). Both are serving up requests via an apache proxy pass
> > configuration.
> >
> > On the original server, I can log into the site without a problem. On the
> > new server with the copied site, I can, as it never sends an '__ac'
> > cookie. It does set other cookies (ie 'tree-s', '__ac_name') and it does
> > let me log in as the admin user via Basic Auth.
> >
> > Anyone know where I should start looking to solve this problem?
>
> Check the 'cookie_authentication' object;  do its properties
>
> look the same on both sites? 

It turned out to be an ownership problem. I imported the site into the second 
server, leaving the permissions as they where (I didn't want to trump the 
ownerships of the member folder), but the manager users have different names 
on each zope instance. This seems to cause the underlying authenication 
machinery to fail to log on users in that site's acl_user folder.

The workaround I've used is to import, retaining ownership, then selectively 
change the ownership of the various portal objects that needed it. I wish 
there where better interfaces for changing and analyzing zope's security 
policys and local roles :-/

John