[Zope] strange login behaviour

[Dieter Maurer]

Didier Georgieff writes:
 > I have really simple login wich is a link to a Method "login" wich 
 > comprise
 > 
 > ....... REDIRECT for login
 > <dtml-call "RESPONSE.redirect(baseURL)">
 > 
 > and 'login' method has NO autorizations for anonymous.
 > 
 > It redirects me on the right "baseURL" page, but the "baseURL" 
 > inludes an "info" Document with 
 > 
 > <dtml-var "AUTHENTICATED_USER.getUserName()">
 > <dtml-in "AUTHENTICATED_USER.getRoles()">
 > 
 > who shows ONLY anonymous after the first login..
 > 
 > IF I do a second login (exactly the same) then it works fine and i 
 > got the right Names and Roles..
I am not sure...
... but it might be possible that the browser sets a cookie only
after the redirect.

I saw a comment in GUF (Generic User Folder, a Zope product
for cookie base authentication) about the necessity of a
double indirection because cookies might not be set during
authentication. This would point into the above direction.

I must admit, however, that I did not really understand
the GUF comment.


Dieter