[Zope] UserFolder Alternate Login
Oliver Bleutgen
Oliver Bleutgen <myzope@gmx.net>
Fri, 5 Jan 2001 22:00:41 +0100
> Zopatistas,
> I need functionality that none of the UserManagers seem to address. I
> need to allow a user to elect to log in (and set
> AUTHENTICATED_USER) as opposed to have them access a restricted
> resource to trigger cookie authentication.
You mean you want to use AUTHENTICATED_USER like a cookie, i.e.
loggin in and every password authenticates?
Using basic auth it might be a nice way to get cookie functionality
without using cookies.
You could write a custum method which triggers authentication and
rewrite the method of GUF to always return 1. If someone wants
to "log in", he could click on a link to this method.
Maybe
<dtml-unless "AUTHENTICATED_USER.getUserName()=='Anonymous User'">
<dtml-raise type="Unauthorized">
Logout!!
</dtml-raise>
</dtml-unless>
You are now logged out!
could be a starting point. If it is contained in standard_html_header it
would force everyone to choose a user name, and in conjuction with
the GUF-hack mentioned above he would always be logged in -
well unless he decides to call himself "Anonymous User" (luck that
this isn't coward ;).
If you want to use cookies anyways, take a look at session manager or
code it yourself and don't use hasrole.
cheers,
oliver