[Zope] Assigning a Role Based on IP Address (domain)

Chris McDonough chrism@digicool.com
Wed, 4 Jul 2001 18:09:42 -0400 

Hi David,

Visit the URL (on your server):

http://your.server/acl_users/setDomainAuthenticationMode?domain_auth_mode=1

It should come back and say:

Domain authentication mode set to 1.

Then try everything else you described again.

Sorry,

- C


----- Original Message -----
From: "David Legg" <d.legg@ncl.ac.uk>
To: "Zope List" <zope@zope.org>
Sent: Wednesday, July 04, 2001 11:18 AM
Subject: [Zope] Assigning a Role Based on IP Address (domain)


> Hi all,
>
> I want to assign a user a role based on their IP address or domain.
Looking
> through the Zope book this seemed fairly straightforward but I can't get
it
> to work. The folder I am doing this in is one up from the root level, so I
> can then lock things down from this folder up. This is what I did:
>
> 1. Created a new role called internalUser
> 2. Created a new user called anon, but didn't fill in the password fields,
> specified the domain as *.mydomain.com and selected the role as
> internalUser.
> 3. Created a DTML document (no security assigned) and did a <dtml-var
> "AUTHENTICATED_USER.getRoles()"> to see what role was being assigned.
>
> When I log into the document anonymously it still displays the role as
> anonymous - yes I am in the right domain. When I set the security settings
> to lock out anonymous but enable internalUser to view the page it still
> prompts for a username and password - even though I didn't specify a
> password. Looking at the user anon in acl_users the password field is
filled
> even though I didn't specified password - is this normal? Strangely when I
> give this user a password and log in the ip/domain restriction works -
there
> must be something going amiss somewhere..
>
> The reason why I would like to do it this way is so that I can
conditionally
> show/hide parts of a page based on this role just to give you some
context -
> provided it assigns the right role based on domain/ip!
>
> If someone could provide some step by step instructions as to how they did
> this (I cannot for the life of me see what I'm missing) and a possible
> workaround perhaps using REMOTE_ADDR - I would dearly like to avoid this!
>
> Thank you in advance
>
> David
>
>
>
>
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>