[Grok-dev] Authorization issue With grokproject created instance and wsgi

[Uli Fouquet]

Hi there,

Michael Haubenwallner wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Uli Fouquet wrote:
> > Currently the default view of grokui.admin redirects to 'applications'
> > view. We could make it display a more or less empty, public entry page
> > with a link to @@login.html. This wouldn't fix the actual problem, but
> > most new users would not get stuck on initial use of debug.ini.
> > 
> 
> We could register a 'login.html' and after successful login redirect to
> /applications.

Unfortunately you're not done dropping a login.html. The appropriate
template has to be registered with the main authentication utility and
in the authentication utility you have to enable session based
authentication first.

I already tried to introduce that some time ago and it resulted in
terrrible side effects like users not able to login after an update etc.

I'd prefer not to fiddle around with the PAU.

In the beginning I thought that session-based authentication is enabled
automatically, but this seems not to be true.

What we could do instead: in the (then public) index-view check, whether
the user is authenticated and if not, redirect to '@@login.html', which
also pops up a basic-auth box but also works with the debugger.

For some reason (I'd be interested to know, but yet don't) in this case
basic-auth works without triggering an Unauthorized exception.

This fix could be done with two or three lines of code and would at
least enable people to go to 'localhost:8080' and authenticate
themselves.

Other protected URLs would, however, still trigger the debugger.

What do you think?

Best regards,

-- 
Uli

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://mail.zope.org/pipermail/grok-dev/attachments/20090305/8908b094/attachment-0001.bin