[Zope] Basic Security question
Jonathan Hobbs
hobbs at magma.ca
Thu May 27 11:09:46 EDT 2004
I thought I understood permissions and roles, but...
I have a folder ('Data') with the 'View' security role set to
'Authenticated', and 'Acquire Permissions' is NOT checked for 'View'.
When, as an 'anonymous' user, I try to access an object within the 'Data'
folder the security popup window (enter your name/password) is displayed.
This works as I expected it to.
I have created a dtml method called 'Display'. This test routine is
hardcoded to display an object from the 'Data' folder. I have set the Proxy
role for the Display method to "Authenticated". When, as an 'anonymous'
user, I access the 'Display' method the security popup window appears?!
Shouldn't the Proxy role assigned to the dtml method enable access to the
object in the folder?
Any and all help appreciated!
Jonathan
More information about the Zope
mailing list