[Zope] FTP Access

Edward Pollard pollej@uleth.ca
Wed, 2 Apr 2003 16:44:28 -0700


As previously discussed, I had initial problems setting up users with 
FTP since they did not have access to the root of the Zope server 
(being defined in a LDAP User Folder somewhere down the tree). The 
inability to create subfolder in their space was the primary symptom, 
and was resolved by granting FTP Access to Anonymous at the root.

However, this has a side effect. You can now log into the server with 
ANY username and password and see files. You cannot change the files 
unless you've provided a proper username and password, of course.

This is pretty confusing when you mistype your password - everything 
seems fine until you try to upload something. At that time you get an 
"Unauthorized" message. There is no indicator that you've just mistyped 
your password.

It seems fairly straightforward that the FTP server is allowing any 
l/p, and granting "anonymous" access. I'd really like to stop this 
behavior, and between you and me I think this behavior is aberrant.

I thought - perhaps - granting FTP Access to Authenticated at the root 
of Zope would be a solution, but does not solve the first problem 
(discussed above).

Any thoughts?

Edward