On Fri, Nov 11, 2005 at 10:39:13PM +0800, Tom Hallam wrote: | Just tried PlonePAS on a test site (clean install 2.1.1 on current Zope | 2.8.x) and was getting an assertion error when using quick installer. | I'd done my normal setup of using a different user name and password for | the zope admin account and the plone admin account. Just to try | something else ... I decided to log into the plone site using the | acquired admin account from the Zope install -> No error but it | overwrote both the Zope and Plone acl_users. | | Is this normal for PlonePAS? | Why? | Does it mean that all plone sites on a zope instance must use PlonePAS?
Your problem is not related to Plone or PlonePAS. Basically if you are using PAS and you want to authenticate with a user that is not defined in PAS user folder in the context you are trying to log in but in a upper level user folder, then you might not be able to login if that user folder is not a PAS one in some setups. Why? Because what happens is: 1. Page requires authentication 2. The PAS closer to your location issues a challenge 3. PAS extracts the credentials and tries to authenticate, but fails because the user is defined in a upper level user folder. 4. Now, if the upper level user folder is a standard user folder, not PAS, it can't extract the credentials from the request because 'its too late' in the request to do that. However if it is a PAS then it can because of the way PAS was designed. There is a thread from a couple months ago where I explained this in better detail. -- Sidnei da Silva Enfold Systems, LLC. http://enfoldsystems.com _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas