You are not logged in Log in Join
You are here: Home » Members » Toby Dickenson » NTUserFolder » NTUserFolder incompatability

Log in
Name

Password

 
 

NTUserFolder incompatability

NTUserFolder is not fully compatible with the security changes made in Zope 2.2.

A goal of NTUserFolder is that Zope permissions can be derived from NT Groups. This is implemented by Zope impersonating the authenticated user, and trying to read a registry key.

Zope 2.2, and later, enhanced the zope security model by restricting 'executable' content such as dtml so that it could only call methods accessible to both the reader and author. Unfortunately, any permissions that the author may have derived from his NT Groups will not be available when someone else is reading his dtml.

Apart from this limitation, it should be possible to use NTUserFolder with later versions of Zope. However, the current version has only been tested versions before 2.2