[Zope-CMF] AccessRule doesn't work

Keller Nicolas nicolas.keller@slb.de
Wed, 31 Jul 2002 15:59:08 +0200


Hello!

I want to protect an intranet from external access. Everytime a user comes
from the internet and not from the intranet, he should be forced to login
before he can access other areas of the cmf-instance.

I ended up with this simple python script:

------

REQUEST=context.REQUEST

if REQUEST.REMOTE_ADDR[:12]!='123.123.123.':
    if context.portal_membership.isAnonymousUser():
        return container.login_form(REQUEST)

------

I placed it in the root of my cmf and put an AccessRule on it.

Now the bad thing: It just don't work :( 

It seems as Zope/CMF ignores it. If I put nonsense in it (like adding a new
line at the bottom: return "THIS IS CRAP") nothing happens - at least in the
normal web view of the CMF, the management interface always sends me back to
the root of my Zope if I want to access an object inside the CMF. The plain
script above without any nonsense in it just doesn't affect anything.

This sounds very crazy but I couldn't find a solution for weeks now. Perhaps
someone here can help?

Thanx in advance,

Nicolas Keller