[Zope-CMF] Login oddities

Greg Ward gward@python.net
Thu, 20 Feb 2003 10:31:53 -0500

...so I'm still trying to create a "members-only" CMF site, and not
having much luck.  Here's the latest problem: if I create a user with
role "Manager" or "Member", I can login with that user ID -- but if that
user is an "Owner" or "Reviewer", no dice.

Details: Zope 2.6.0, Python 2.1.3, CMF 1.3.  I created a brand new CMF
site called "/portal" and did the following (based on Ausum's
members-only CMF howto):

  * deny "Access contents information" on /portal to Anonymous, give
    it to Authenticated instead

  * create a dead simple DTML Method 'login_form' in

  * grant "Access contents information" and "View" permissions to
    Anonymous on login_form
  * and give login_form a proxy role of "Authenticated"

After doing that, any attempt to access /portal is redirected to
/portal/login_form, and that page is rendered successfully.  Good!
Well, almost good: in the process of redirecting from /portal to
/portal/login_form, a great big whack of error message is spewed at log
level BLATHER.  The gist of it is that /portal/standard_error_message is
"not allowed to access portal_membership in this context".  This is ugly
and kind of disturbing.

But anyways... I created a couple of user IDs in /portal/acl_users
(through the ZMI, which I kept open in another browser).  "mgr" has role
"Manager", and I was able to login just fine.  I tried to create "luser"
with no role, but every login attempt failed.  Nothing is logged about
the failure; all I know is that "retry" is true when login_form comes up
again, because it starts with "Bad login info" (this is straight from
the DTML in Ausum's howto).  If I give "luser" role "Owner" or
"Reviewer", I still can't login with that ID.  Only if I give it
"Manager" or "Member" does it work.

Any clue?

Greg Ward <gward@python.net>                         http://www.gerg.ca/
I brought my BOWLING BALL -- and some DRUGS!!