[Zope-CMF] Re: Show/hide content from users/groups
roel.vandenbergh at scarlet.be
Tue Sep 18 08:33:21 EDT 2007
---------- Originele hoofding -----------
Naar : zope-cmf at zope.org
Datum : Tue, 18 Sep 2007 12:24:57 +0200
Onderwerp : [Zope-CMF] Re: Show/hide content from users/groups
> roel wrote:
> > I spend several days digging trough various information sources, but I could
> > not find a proper solution.
> > What am I missing here?
> > With kind regards, Roel.
> 'VerboseSecurity' is your friend ;-)
Found an interesting page at http://wiki.zope.org/zope2/VerboseSecurity
They apparently did not have this in Zope 2.5.1
Enabled verbose-security, restarted Zope and disabled login_form in cookie
Trying to access the site I got a pop-up asking for credentials ... pretended
to be a user and ... voila ... the site comes up as intended, with hidden
folders discarded as should be. So up to this point I didn't do anything wrong
Now for the tricky part. I use a 'hard' redirect triggered by the 'logged_in'
page template, so people need to access the site trough the 'login_form'
template (Correct?). So I manually enter http://site/login_form and enter the
necessary credentials. A pop-up appears asking for credentials, which I
enter. This pop-up appears three times on which I get the following message ...
Error Type: Unauthorized
Error Value: Your user account does not have the required permission. Access
to 'setProperties' of (ImplicitAcquirerWrapper object at 0xb04612c) denied.
Your user account, Beneens, exists at /total/acl_users. Access requires one of
the following roles: ['Manager']. Your roles in this context are
For more detailed information about the error, please refer to the error log.
I cannot find any clues in the event.log nor in the Z2.log, but I find it odd
to have to give a mere Member admin rights to be able to log in trough the
standard login form.
Kind regards, Roel.
Scarlet One, ADSL 6 Mbps + Telefonie, vanaf EUR 29,95...
More information about the Zope-CMF