Second siteaccess always asks for login (3.50rc2)

Author Message

Ulrich L.

Thursday 16 December 2004 5:04:30 am

Hi,
I built a size with the wizard (installer for testing only).
I called the wizard-generated siteaccess "first".
Then I added a second by copying the "siteaccess/first" folder and renaming it to "siteaccess/second".
I changed override/site.ini, this file looks now like this:

<?php /* #?ini charset="iso-8859-1"?

[ExtensionSettings]
ActiveExtensions[]=ezpaypal

[Session]
SessionNameHandler=custom

[SiteSettings]
DefaultAccess=first
SiteList[]=first
SiteList[]=second

[SiteAccessSettings]
CheckValidity=false
AvailableSiteAccessList[]=first
AvailableSiteAccessList[]=second
AvailableSiteAccessList[]=cms_admin
MatchOrder=uri
HostMatchMapItems[]

[MailSettings]
Transport=SMTP
TransportServer=
TransportUser=
TransportPassword=
AdminEmail=abc@xyz.com
EmailSender=
*/ ?>

The site.ini of the siteaccesses looks like:

<?php /* #?ini charset="iso-8859-1"?

[DatabaseSettings]
DatabaseImplementation=ezmysql
Server=localhost
User=root
Password=
Database=shop
Charset=
Socket=disabled

[InformationCollectionSettings]
EmailReceiver=

[SiteSettings]
SiteName=Shop
SiteURL=localhost/index.php
LoginPage=embedded

[UserSettings]
RegistrationEmail=

[SiteAccessSettings]
RequireUserLogin=false
ShowHiddenNodes=false

[DesignSettings]
SiteDesign=shop
AdditionalSiteDesignList[]=base

[RegionalSettings]
Locale=eng-GB
ContentObjectLocale=eng-GB
TextTranslation=disabled

[FileSettings]
VarDir=var/shop

[ContentSettings]
TranslationList=

[MailSettings]
AdminEmail=abc@xyz.com
EmailSender=
*/ ?>

I can enter siteaccess "first", but when entering "second", I get a request to login.
"Access denied
You don't have permission to access this area.
Possible reasons for this is.
You are currently not logged in to the site, to get proper access create a new user or login with an existing user.
You misspelled some parts of your URL, try changing it."

After having logged in, I can visit siteaccess "second".

Why behaves the system like this? How can I make the second siteaccess normal available?
Thanks for help, Uli.

Daniele P.

Thursday 16 December 2004 7:08:13 am

Always check in the bug database before posting.
There are a lot of new and open bugs.

My be the same:
http://ez.no/community/forum/install_configuration/3_5_0rc2_anonymous_permanently_gets_access_denied
http://ez.no/community/bugs/access_denied_for_anonymous_user

Ulrich L.

Thursday 16 December 2004 11:23:27 pm

Thanks for your hint.
Changing user - anonymus - role - user - login to siteaccess "any" instead of a certain specified siteaccess, as it came up by default, makes the new siteaccess work.
Does this imply any unwanted sideeffects?
3.4.4 behaved differently.

Daniele P.

Friday 17 December 2004 12:22:25 am

> Does this imply any unwanted sideeffects?
I don't know, the eZ publish behaviour is not fullly documented.
The bug is open so this isn't normal...

Frederik Holljen

Friday 17 December 2004 4:07:10 am

The behavior you are seeing is perfectly normal. What we have changed prior to earlier versions is that the setup wizard will not give user/login/* permissions. Instead it will create login permissions only on the siteaccesses it has generated. This improves the security of the default installation.

Daniele P.

Friday 17 December 2004 4:51:10 am

> The behavior you are seeing is perfectly normal.

Sorry but I can't understand.

There is one unanswered question in my bug report:
Why user/login is needed to view the content? For this isn't enough content/read?

Now user/login is required for allowing access to anonymous user!

But if you want to allow anonymous read and disallow user/login for a siteaccess?

Frederik Holljen

Friday 17 December 2004 6:19:27 am

Daniele,

There is some confusion to the function of user/login due to it's naming.
Here is how it works:
- a user (which is not disabled) is always allowed to log in using the username/password field if the user/login is set except for the anonymous user who can not log in (no passwords are accepted)
- The user/login setting also controls if that user is able to see anything in that siteaccess at all.

Daniele P.

Friday 17 December 2004 6:32:27 am

Thanks for the explanation Frederik,
now is clear but is better to add some documentation somewhere. (i.e. in Tutorial and multilingual docs)
In few days three different person make the same confusion.
By the way the name don't suggest what you could expect, so
why not change it into more clear (ie. user/access).

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.