Nuxeo mailing list archives
[CPS-devel] Member user cannot login with my META directory
danieltellez
danieltellez at yerbabuena.es
Fri May 11 13:32:50 CEST 2007
Miguel Sánchez Beato wrote:
> danieltellez escribió:
>> Miguel Sánchez Beato wrote:
>>> danieltellez at yerbabuena.es escribió:
>>>> Hello,
>>>>
>>>> I'm dealing with a META directory for the users of my portal (CPS
>>>> 3.4.4) that takes the fields from two backing directories:
>>>>
>>>> SQL directory schema (MySQL stores user info)
>>>>
>>>> ZODB (roles and groups).
>>>>
>>>> I've enabled joining the portal.
>>>>
>>>> When I join the portal, the user i've created is in all the
>>>> directories correctly. When I try to login with that user, the
>>>> portal doesn't show any error, but neither let me enter to the portal.
>>>>
>>>> This only happens when I try to join from anonymous, because the
>>>> portal asign 'Member' role.
>>>>
>>>> If I create a Manager user, he can enter the web correctly.
>>>>
>>>> Anyone knows why?
>>>>
>>> It could happen that a user has no permissions to "see" its own
>>> resources (is not the owner of its own edirectory entry) when get
>>> access to the portal.
>>>
>>> When you use Meta and backing directories, you have to specify the
>>> assingment of the role Owner for the directory entry that is needed
>>> when a user login the portal.
>>>
>>> In each directory (meta and backing), in the tab "Entry Local Roles":
>>> - create a new role "Owner" and write as "python: entry.get('id')
>>> == user_id" as condition
>>> - 'id' needs to be the identity field for the entries
>> That line was setted correctly but I get the behavior like you say.
>>
>> I've traced 'logged_in' and I've obtained next results:
>>
>> to_workspaces = False
>>
>> to_member_home = False
>>
>> redirect_to_portal = False
>>
>> redirect_url = http://localhost:8080/btil/logged_in
>>
>> is_anon = 0
>>
>> member = <CPSMemberData at ... used for /btil/acl_users>
>>
>>
>> It means that the user is created correctly and login correctly, but
>> it cannot access the information, like you say... do you know any
>> other problem that may cause this behavior ?
>
> The only thing I'm thinking about is a permissions problem, that is,
> maybe the 'Member' user has not enough permissions to see the propper
> resources when logging in.
>
> In 'logged_in.py', it is clear that if you obtain redirect_url=
> http://localhost:8080/btil/logged_in, it means that the user has not
> 'View' permission in the workspaces/sections folders within the portal
> (and takes the 'came_from' url value).
>
> Check the first part of 'logged_in' (method checkRedirect, etc) and
> try to find why your user has no permissions (look at the ZMI Security
> Tabs), and set them.
>
>
I gave View permission to workspaces/sections folders to Member users.
The users cannot enter yet.
I' ve review the logged_in script and I' ve removed this piece of code:
if first_time and member.has_role('Member'):
mtool.createMemberArea()
now = context.ZopeTime()
member.setProperties(last_login_time=now)
Now, the portal shows an error but the user is in. I can navigate with
user session.
I keep on searching.
>
>>
>>
>>>
>>> This will assign to the directory entry the role "Owner" for the
>>> corresponding user.
>>>
>>> Hope this will work for you!
>>> _______________________________________________
>>> cps-devel mailing list
>>> http://lists.nuxeo.com/mailman/listinfo/cps-devel
>>>
>>
>>
>
>
--
Daniel Téllez Sabán.
Yerbabuena Software. Dpto I+D.
danieltellez at yerbabuena.es
http://www.yerbabuena.es
Tlf/Fax: 902 995 246 Móvil: 615 051 283
This list archive provided by Nuxeo, the
leaders of open source ECM.
Check out the Nuxeo 5 open source,
standards-based ECM project.