Plone content externally published asking password at times

Question

I'm having a strange issue with Plone content.

1) Sometimes a few pages that are externally visible cannot be accessed by non-authenticated users without Plone asking a username/password. These same pages could be accessed by anonymous users before.

2) When authenticated member just opens one of these pages in his navigator, the anonymous users can access the page again - until the same problem occurs again, normally after some days.

I have yet to understand when / which cases does this shift from "being available for anonymous" to "not available" happens. The "official state" of the content item stays always the same as "externally visible" (using the default Plone intranet workflow).

Plone version 4.2.0.1.

Answer 1

Even though the page itself is available to anonymous user a badly coded site might contains elements (viewlets, portlets) which trigger Unauthorized exception and redirect user to the login page. For example, a custom news listing incorrectly refers to a unpublished news item and when anonymous user tries to read data from this item an Unauthorized exception is occured.

The best way to debug this issue is to enabled logging of Unauthorized exceptions in Zope Management Interface *error_log* service and see what Python code actually causes the login page to show up.

However, vanilla Plone installation should have not this behavior. It comes to down customizations.

One possible reason for 2) is that your front-end web server or cache is badly configured and it servers cached "logged in" page for anonymous user. For debugging purposes I suggest you directly access the site over Zope port and skip all front end web servers in the debugging chain for starters.