[Zope-CMF] Members only Site

Jens Vagelpohl jens@zope.com
Fri, 23 Nov 2001 18:41:04 -0500


i tried a couple combinations, but it doesn't seem any login form=20
underneath the place where "View" and "Access contents information" is=20=

taken away will ever be accessible to anonymous users. i tried =
re-enabling=20
the two permissions on the form's security tab, proxy roles and all =
that.

if you really don't want the basic auth box there is a possible =
workaround:

- in a folder *above* the portal create a dtml-method with a name other=20=

than login_form
- copy the contents of the orgininal login_form into it
- change references to other files (logged_in and mail_password_form) so=20=

they work
- go to the cookie_authentication object in the portal root and set the=20=

new form's id as the "auto-login page id".

that worked for me.

jens


On Thursday, November 22, 2001, at 12:07 , dieter@handshake.de wrote:

> Jens Vagelpohl writes:
>> the problem is that by disallowing "view" and "access contents=20
>> information"
>>   you also made it "illegal" for anyone to view the login page =
itself,
>> which triggers a redirect to the login page, which is still illegal =
and
>> triggers a redirect again and so forth...
> Does he have a chance to disallow "View" and "Access contents =
information"
> on the folder but allow it on the form?
>
> Maybe after he "customized" the login form (in order to make a ZODB =
based
> object of it).
>
>
> Viele Gr=FC=DFe
> Dieter