[Zope] Going from Zope 2.1.6 to 2.3.0: security issue

Burwell, Becky <burwell@parc.xerox.com>
Tue, 6 Feb 2001 10:35:04 PST


We are in the process of moving from Zope 2.1.6 to Zope 2.3.0.

We had some web pages that we wanted to restrict to people just at 
our research lab. 

We did this by creating a role called "localUsers". And then we added 
a user with a domain of *.parc.xerox.com that had the role of 
localUsers. This allowed anyone whose web browser was on a machine in 
*.parc.xerox.com to access the pages. This worked great in 2.1.6.

When we brought up Zope 2.3.0 we find that we get prompted for an id 
and password when accessing web pages that have our role localUsers 
applied to them. We can tell the user what to type, but it is 
annoying.

What's the best way to restrict a set of pages to a particular domain 
without having to require the user to log in?

Thanks.