[Zope] Ahaaaa! Success Startup Authentication !!

Robert Canary rwcanary@ohiocounty.net
Mon, 14 Jun 1999 03:22:12 -0500


Yes you are correct "The docs are correct".  The problem was/is: If one
changes the access file then they *must* stop the pcgi.  Thus forcing it to
restart from a called request and it will read the access file agian.

Michel Pelletier wrote:

> > -----Original Message-----
> > From: Robert W. Canary [mailto:rwcanary@ohiocounty.net]
> > Sent: Friday, June 11, 1999 11:38 PM
> > To: zope@zope.org
> > Subject: [Zope] Ahaaaa! Success Startup Authentication !!
> >
> >
> > Okay,   I think I know what is causing the trouble.
> >
> > I found one thing that did not quit work the way the zope docs said.
> > You should be able to *not* include the domain name in the access file
> > (eq superuser:123)   I finally got to the point (agian) where I kept
> > getting the  failed authorization.  Except this time when I clicked
> > cancel I did not get the message that there was no
> > Authorization header
> > found.  Instead it said the username and password supplied were
> > incorrect.   So I went back into the /var/local/Zope/access file and
> > changed it to rwcanary:xxxxx:*.ohiocounty.net and it WORKED!
> >
>
> The Zope docs are correct, you are not required to use a domain name
> spec, this is the way I and probably 90% of the people on this list use
> it.  Are you sure you had the right password typed in there in the first
> place?
>
> > I have one question?  After I log onto the "/Zope.cgi/manage"
> > I can exit
> > and then go backto /Zope/Zope.cgi/manage it goes directly to it.  It
> > does not ask me for a username and password anymore.  Why?
> >
>
> Zope does ask your browser for authentication, but your browser (most
> browsers do this) caches the HTTP Basic authentication information for
> you.  If it didn't do this, you would need to autheticate yourself on
> every reqeust.  Remember, HTTP is *stateless*.  There is no conecpt of
> "logging in" because being logged in would imply state.  You may have
> been tricked in the past into believing there was state involved by such
> trickery as Basic auth header caching and cookies.
>
> -Michel
>
> > --
> > robert canary
> > system services
> > OhioCounty.Net
> > rwcanary@ohiocounty.net
> > (270)298-9331 Office
> > (270)298-7449 Fax
> >
> >
> >
> >
> > _______________________________________________
> > Zope maillist  -  Zope@zope.org
> > http://www.zope.org/mailman/listinfo/zope
> >
> > (For developer-specific issues, use the companion list,
> > zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )
> >
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://www.zope.org/mailman/listinfo/zope
>
> (For developer-specific issues, use the companion list,
> zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )

--
robert canary
system services
OhioCounty.Net
rwcanary@ohiocounty.net
(270)298-9331 Office
(270)298-7449 Fax