[Zope] Basic Security question

Small Business Services toolkit at magma.ca
Thu May 27 11:51:01 EDT 2004

Thanks for the response Stefan...

> Not sure, but note that proxy roles are not passed on to scripts
> invoked by Display. Only Display itself will have the proxy role.

The 'Display' dtml method (which has the 'Authenticated' proxy role) is
trying to access an object in the 'Data' folder (folder has 'View'
permission set to 'Authenticated' only).  The object in the 'Data' folder is
not a script, but an image file I would like the 'Display' method to



> On Donnerstag, Mai 27, 2004, at 17:09 Europe/Vienna, Jonathan Hobbs
> wrote:
> > I have created a dtml method called 'Display'.  This test routine is
> > hardcoded to display an object from the 'Data' folder.  I have set the
> > Proxy
> > role for the Display method to "Authenticated".  When, as an
> > 'anonymous'
> > user, I access the 'Display' method the security popup window appears?!
> > Shouldn't the Proxy role assigned to the dtml method enable access to
> > the
> > object in the folder?

More information about the Zope mailing list