[Zope] Re: Re: Getting an authenticated user out of context

[Dario Lopez-Kästen]

> 1) I want to use ExUserFolder (my users are in an SQL database).
> 2) I'd like to be able to display user dependent info in root level pages
> 3) Received wisdom (and a bad experience) indicates that ExUserFolder
should
> not be at root level
> 4) If ExUserFolder's acl_users can't be put at the root, then how does
> /index_html interrogate /subfolder/acl_users as to the current user?

>
>
> At the moment I've conceded defeat and have resigned myself to not being
> able to display user dependent info in root level pages. And I don't like
> the idea of an instant redirect. Though I suspect that it may be possible
to
> use VHM to achieve the same effect more transparently.


ok, i see. The solution is to change the root of *what zope serves to the
world*  to be something else than the root of Zope itself, using VHM or a
SiteRoot (I believe VHM is the recommended wya of doing things nowadays).
For instance:

/
/acl_users (root level, only 2-3 people here, manager, owner, etc)
/my_site
/my_site/acl_users (exUserFolder or other with all your users)


You have placed all of your content inside the "my_site" folder. Use a VHM
or SiteRoot to make sure that when your users go to http://your-server/ the
contents is served from /my_site. Search Zope.org and the archives to find
more info on how to do this.

The argument that Toby raises about being locked out is valid, however it
might be less painfull to be locked out from a specific folder (you do have
backups, yes?) than from Zope itself.

Hth,

/dario

- --------------------------------------------------------------------
Dario Lopez-Kästen, IT Systems & Services Chalmers University of Tech.