[Zope] subfolder wrong absolute_url

Steve Alexander steve@cat-box.net
Wed, 17 May 2000 11:08:48 +0100


Ulrich Wisser wrote:
> 
> The authorisation should be made for http://my.zope/subfolder/.
> Then the path is /subfolder/ and only objects under subfolder
> will be accessed with auth info.
> 
> Yes I use basic authentication (no cookies).

This is really interesting. :-)

I haven't had a chance to look into this yet, but from what you've said,
the default basic authentication algorithm in Zope is to use as the
"authentication root" the value of PATH_INFO (or PATH_TRANSLATED
perhaps), when it should be set to the value of "root" in the following
pseudocode.
 
  if PATH_ENFO ends in '/':
      root = PATH_INFO
  else:
      root = PATH_INFO+'/'.


That sounds like it is probably a simple patch to Zope authentication.

--
Steve Alexander
Software Engineer
Cat-Box limited