[Checkins] SVN: Products.PluggableAuthService/trunk/Products/PluggableAuthService/ Changed HTTPBasicAuthHelper to not rely on two obscure features of the HTTPResponse.

[Hanno Schlichting]

Log message for revision 99858:
  Changed HTTPBasicAuthHelper to not rely on two obscure features of the HTTPResponse.
  

Changed:
  U   Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt
  U   Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py
  U   Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py

-=-
Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt	2009-05-11 21:38:04 UTC (rev 99857)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt	2009-05-12 00:57:46 UTC (rev 99858)
@@ -1,6 +1,8 @@
 PluggableAuthService historic changes
 =====================================
 
+- Changed HTTPBasicAuthHelper to not rely on two obscure features of the
+  HTTPResponse.
 
 PluggableAuthService 1.4 (2006-08-28)
 -------------------------------------

Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py	2009-05-11 21:38:04 UTC (rev 99857)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py	2009-05-12 00:57:46 UTC (rev 99858)
@@ -17,8 +17,6 @@
 $Id$
 """
 
-from zExceptions import Unauthorized
-
 from AccessControl.SecurityInfo import ClassSecurityInfo
 from App.class_init import default__class_init__ as InitializeClass
 
@@ -99,15 +97,9 @@
         """
         realm = response.realm
         if realm:
-            response.addHeader('WWW-Authenticate',
+            response.setHeader('WWW-Authenticate',
                                'basic realm="%s"' % realm)
         m = "<strong>You are not authorized to access this resource.</strong>"
-        if response.debug_mode:
-            if response._auth:
-                m = m + '<p>\nUsername and password are not correct.'
-            else:
-                m = m + '<p>\nNo Authorization header found.'
-
         response.setBody(m, is_error=1)
         response.setStatus(401)
         return 1

Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py	2009-05-11 21:38:04 UTC (rev 99857)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py	2009-05-12 00:57:46 UTC (rev 99858)
@@ -43,7 +43,6 @@
 
     _unauthorized_called = 0
     realm = 'unit test'
-    debug_mode = 0
     headers = {}
 
     def unauthorized( self ):
@@ -58,10 +57,6 @@
 
         self.headers[name] = value
 
-    def addHeader(self, name, value):
-
-        self.headers[name] = value
-
     def setBody(self, body, is_error=0):
         self.body = body
 
@@ -100,8 +95,6 @@
                             'remote_host': '', 'remote_address': '' } )
 
     def test_challenge( self ):
-        from zExceptions import Unauthorized
-
         helper = self._makeOne()
         request = FauxHTTPRequest()
         response = FauxHTTPResponse()