[Zope] Problem with AUTHENTICATED_USER.has_role('X')"

complaw@hal-pc.org complaw@hal-pc.org
Thu, 12 Dec 2002 14:34:07 GMT


I'm stumped.

I have a block of dtml code in my standard_html_header file that is supposed to
tailor the menu line depending upon the user's role (once authenticated).  For
example, the standard_html_header file contains something like:

<dtml-if "AUTHENTICATED_USER.has_role('Manager')">
  ... make a (more extensive) menu line
<dtml-else>
  ... make a menu line for non-authenticated users
</dtml-if>

I have a login menu item for the non-authenticated users, giving them an
opportunity to authenticate.  The authentication scheme calls a DTML Method
(named "logger") that has security settings such that the challenge/response
routine is initiated.  Once the user is able to run logger, it takes them back
to the index_html file (with the standard_html_header file mentioned above). 
When comming from the logger object, the menu is constructed correctly
(according to the user's role).  However, when coming back to index_html from
somewhere else (say another folder), it goes back to the non-authenticated menu
as if I never logged in (i.e., the code of the AUTHENTICATED_USER has somehow
changed or is being ignored).  Note, when I click on the login menu button
(calling the logger object, I immediately get the correct menu (without the
challenge/response).

Is there something to remedy this problem?

TIA,

Ron