[Zope] Access Rule

Dieter Maurer dieter@handshake.de
Tue, 24 Jun 2003 20:20:10 +0200

Andrew R. Halko wrote at 2003-6-24 10:20 -0400:
 > ...
 > I created an access rule in Plone, not the root and I need to find if a
 > user is logged in.  I was told that can't be done,

They are right...

 > but doesn't there
 > have to be a something transferred between pages to tell if someone is
 > logged in.

There is indeed. It is either a cookie (in a format understood
by the UserFolder that created the cookie) or an HTTP
authentication header (in a format specified by the HTTP specification).

However, that you see this information does not mean that
the request is authenticated. Indeed authentication
is only done after traversal and therefore after your AccessRule

Someone (I think Evan) posted a patch to implement a post authentication
hook. Something like this might help you.