# HG changeset patch
# User root@tuxserve03.mpiwg-berlin.mpg.de
# Date 1352480711 -3600
# Node ID 279473355e9b715816961c13ceac1d981b0550d4
# Parent  17bbd5e80d15cd5d027d8ad7b58f5d79faac40c9
authentication works with hierarchy of acl_users now.

diff -r 17bbd5e80d15 -r 279473355e9b AuthTokenGenerator.py
--- a/AuthTokenGenerator.py	Tue Oct 30 20:20:31 2012 +0100
+++ b/AuthTokenGenerator.py	Fri Nov 09 18:05:11 2012 +0100
@@ -3,6 +3,7 @@
 from OFS.PropertyManager import PropertyManager
 from AccessControl import getSecurityManager
 from zExceptions import Unauthorized
+from Acquisition import aq_chain
 
 import logging
 import datetime
@@ -77,7 +78,6 @@
         else:
             self.REQUEST.RESPONSE.setStatus('Unauthorized')
             return "Please Authenticate!"
-        
 
     def _user_allowed(self, user=None, password=None):
         # check the login
@@ -95,9 +95,16 @@
         
         if password:
             logging.debug("trying password")
-            # TODO: should we care about aquisition?
-            authuser = self.acl_users.authenticate(user, password, None)
-            return authuser
+            # try all user folders in aq_chain
+            authuser = None
+            userfolder = None
+            for ctx in aq_chain(self):
+                new_uf = getattr(ctx, 'acl_users', None)
+                if new_uf != userfolder:
+                    userfolder = new_uf
+                    authuser = userfolder.authenticate(user, password, None)
+                    if authuser is not None:
+                        return authuser
             
         return None
 
diff -r 17bbd5e80d15 -r 279473355e9b version.txt
--- a/version.txt	Tue Oct 30 20:20:31 2012 +0100
+++ b/version.txt	Fri Nov 09 18:05:11 2012 +0100
@@ -1,1 +1,1 @@
-0.5
\ No newline at end of file
+0.6