[Zope] security policies bwt Zope 2.3.0 and 2.3.2

Irene Barg ibarg@as.arizona.edu
Wed, 08 Aug 2001 15:53:05 -0700


Dieter,

Ok, I went back and removed the Update folder, then imported
it using the option 'Take ownership of inported objects'.
It prompts for the login Id and password, but it just says
'Authorization failed, retry?'.  I've removed the users in
the acl_users folder and re-created them, this doesn't fix
it.  Thanks for the suggestion. --irene
Dieter Maurer wrote:
> 
> Irene Barg writes:
>  > ....
>  > On my development machine, this does what I want it to.
>  > If someone trys to access the '/ADASS/Datbase/Update' URL
>  > it prompts them for a login/password.  I exported the 'Update'
>  > folder, then imported it (Retain existing ownership info) into
> Maybe that is the problem:
> 
>   Does the owner exists on the production side?
>   If not, there are effectively only the rights for
>   anonymous as the effective permissions are the intersection
>   of the users permissions and that of the owner.
> 
>   If the owner does not exist, he has at most anonymous
>   permissions.
> 
> Dieter

-- 
----------------------------------------------------------------
Irene Barg		      Email:  ibarg@as.arizona.edu
Steward Observatory	      Phone:  520-621-2602
933 N. Cherry Ave.
University of Arizona	      FAX:    520-621-1891
Tucson, AZ  85721	      http://nickel.as.arizona.edu/~barg
----------------------------------------------------------------