[Zope] New install (2.6.2/RedHat9), server starts OK, can't log in

J Cameron Cooper jccooper at jcameroncooper.com
Thu Mar 18 17:43:59 EST 2004 

Anthony R. Thompson wrote:

> I've installed Zope 2.6.2 on RedHat 9 using the RPM (from
> http://zope.org/Members/medienlabor/packages).  The installation went
> fine (no errors) and I started the server with /etc/init.d/zope start
> as recommended in the README.RedHat file.  I checked the logs
> (/var/log/zope.log and /var/log/zope.debug.log) and didn't see any
> errors.
>
> I was able to go to http://www.myserver.com:8080/ and get the initial
> Zope page, however I was unable to log in to the management interface.
> After several tries I get an error of "You are not authorized to
> access this resource." I'm trying to use the superuser account, with
> the same password I set from the command line with the zpasswd script
> (chose SHA and domain restriction of *.mydomain.com). I tried both
> that password (set on the command line) and the default as described
> in the README.RedHat, and neither worked.
>
> ...PCGI stuff...

I don't think that your proxy has anything to do with this, since going 
to port 8080 should bypass all that. Furthermore, all the instructions 
you might find that have to do with Apache rewrites/proxies have nothing 
to do with PCGI, but are an alternate method now used in preference to 
PCGI. (Though I may be wrong, pending knowing the actual pages you're 
looking at.)

You're real problem is that you and the current ZODB disagree with 
regards to credentials. This is a common problem with distro-packaged 
Zope (though usually from Debian users.) You may need to do the 
zpasswd.py magic some more, either to set up an "emergency user" so as 
to make a proper user ('access' method) or to create a new ZODB with the 
proper credentials ('inituser' method).

Read docs/SECURITY.txt for the basics. I have in the past written about 
several gotchas in this process. I'm afraid I don't have time to go look 
this up for you at the moment, but those posts should be easily found. 
Some appropriate keywords are zpasswd, access, and inituser.

The other option is that what you did worked and that the domain 
restriction is working against you. Make sure you are where you think 
you are.

> thanks,
> Anthony
>
> (ps--I searched the archives before asking this question, but didn't
> see anything about this topic)

And that's appreciated.

          --jcc

-- 
"He who fights with monsters should look to it that he himself does not become a monster. And when you gaze long into an abyss the abyss also gazes into you."

More information about the Zope mailing list