[Zope] Acquisition / proxying object
Peter Sabaini
peter at sabaini.at
Mon Feb 25 16:40:44 EST 2008
On Monday 25 February 2008 21:31:46 Joerg Baach wrote:
> Hi Peter,
>
> > I'm not familiar with LDAPUserFolder (its not really a user object but a
> > user container, isn't it?) but the error you're getting is a security
> > error -- the Python Script checks for security attributes before it
> > accesses attributes. You need to add the appropriate security
> > declarations in your product before it can be used inside PyScript
>
> Well, even with: __allow_access_to_unprotected_subobjects__ = 1 I get
> the same error. VerboseSecurity is also on. :-(
I should have mentioned that in order for verbose-security to work you also
need to switch to the python security implementation -- did you do that?
"security-policy-implementation python" in zope.conf
If yes, you should see lines like these in your event.log:
2008-02-25T22:30:18 DEBUG ImplPython Unauthorized: Your user account does not
have the required permission. Access to 'manage' of (Application at )
denied. Your user account, Anonymous User, exists at /acl_users. Access
requires one of the following roles: ['Manager']. Your roles in this context
are ['Anonymous'].
peter.
> Cheers,
>
> Joerg
More information about the Zope
mailing list