RE: [Zopexmlmethods-users] permission problem when importing xslt
Brought to you by:
arielpartners,
philikon
Menu
▾
▴
RE: [Zopexmlmethods-users] permission problem when importing xslt
|
From: Giuseppe B. <giu...@ti...> - 2003-08-21 21:18:54
|
Hi Craeg, thanks for pointing me in the right direction and for the complete explanation of the issue you gave. It appears I completely misunderstood your URN resolver implementation (it was my fault, I should have read the relevant docs more carefully!!!). Now everything works like a charm. Thanks !! __peppo PS: zopexmlmethods is a really useful, brilliant, well written and well documented Zope product. > -----Original Message----- > From: Craeg K Strong [mailto:cs...@ar...] > Sent: sabato 16 agosto 2003 22.25 > To: giu...@ti... > Cc: zop...@li... > Subject: Re: [Zopexmlmethods-users] permission problem when importing > xslt > > > Hello: > > In order to understand your problem, I would need to see the > URL you are > using for importing. > However, here is some information that might be helpful. > > When you make an HTTP request to Zope, you get authenticated. That > information is then > a part of the REQUEST parameter. As long as you hang on to > the REQUEST > parameter, > Zope will use the same authentication information. > > However, if you go back out and request a URL directly eg *NOT FROM A > BROWSER* > such as the following: > > xsl:include href="http://www.acme.com/foo/bar.xsl" > > you are not using the REQUEST parameter, and Zope will treat > this as an > anonymous > request. That is because the above statement translates more or less > directly to the python > > urllib.urlopen() > > -- please see the Python reference for details. > > In order to avoid this problem, you should use the URN > resolver (see the > documentation) > or relative URLs. Internally, I made ZopeXMLMethods > translate relative > URLs (or URNs) into Zope > object traversals so that the security context is maintained. > That is > the *only* way I know > how to maintain the context, otherwise it is lost and you have the > problem you observed. > While debugging ZopeXMLMethods, I saw this error message many times! > > Caveat: in order to translate relative URLs into Zope traversals, I > require certain resolver > hooks that are not available in all libraries. You should check the > documentation to see if > it is working with the library you are using. Of course, > ZopeXMLMethods > is being updated, > and the new 1.1 version is not done yet. I hope to release the new > version relatively soon, > but have been slammed with lots of client (paying) work recently. > > Hope this helps, > > --Craeg > > Giuseppe Bonelli wrote: > > >Hi all, > >I have the following permission problem I am trying to debug > and I hope > >someone can help. > > > >Here is my situation: > >I have a method which call an xslt transform (using > >FourSuite11Processor) and everything goes well unless when the xslt > >import another xsl via <xsl:import href="..."/> (yes, the > URI passed for > >resolving imports is correct). > > > >In this case, an extra authorization step is required from within the > >python console (_not_ through Zope login widget), after > which everything > >works normally. > > > >In the log a got the following entry (styleSheet.xsl is the xsl being > >imported from the calling xsl): > > > >127.0.0.1 - Anonymous [12/Aug/2003:13:58:25 +0200] "GET > styleSheet.xsl > >HTTP/1.0" 401 803 "" "Python-urllib/1.15" > > > >Obviously I already authenticated myself when starting the > Zope session. > > > >It seems the security context gets lost when importing, but I cannot > >understand how can I resolve this. > > > >I am probably missing something very simple, ... but I don't > get it !! > > > >Any ideas ? > > > >I am using 1-1-0a. > > > >Thanks, > > > >__peppo > > > > > > > > > > > > |
