[Zope-CMF] Login oddities
Thu, 20 Feb 2003 10:31:53 -0500
...so I'm still trying to create a "members-only" CMF site, and not
having much luck. Here's the latest problem: if I create a user with
role "Manager" or "Member", I can login with that user ID -- but if that
user is an "Owner" or "Reviewer", no dice.
Details: Zope 2.6.0, Python 2.1.3, CMF 1.3. I created a brand new CMF
site called "/portal" and did the following (based on Ausum's
members-only CMF howto):
* deny "Access contents information" on /portal to Anonymous, give
it to Authenticated instead
* create a dead simple DTML Method 'login_form' in
* grant "Access contents information" and "View" permissions to
Anonymous on login_form
* and give login_form a proxy role of "Authenticated"
After doing that, any attempt to access /portal is redirected to
/portal/login_form, and that page is rendered successfully. Good!
Well, almost good: in the process of redirecting from /portal to
/portal/login_form, a great big whack of error message is spewed at log
level BLATHER. The gist of it is that /portal/standard_error_message is
"not allowed to access portal_membership in this context". This is ugly
and kind of disturbing.
But anyways... I created a couple of user IDs in /portal/acl_users
(through the ZMI, which I kept open in another browser). "mgr" has role
"Manager", and I was able to login just fine. I tried to create "luser"
with no role, but every login attempt failed. Nothing is logged about
the failure; all I know is that "retry" is true when login_form comes up
again, because it starts with "Bad login info" (this is straight from
the DTML in Ausum's howto). If I give "luser" role "Owner" or
"Reviewer", I still can't login with that ID. Only if I give it
"Manager" or "Member" does it work.
Greg Ward <firstname.lastname@example.org> http://www.gerg.ca/
I brought my BOWLING BALL -- and some DRUGS!!