[Zope-CMF] Verifying a user based on __ac and __ac_name
Sun, 21 Apr 2002 21:05:53 +0200
Gitte Wange writes:
> From: "Tres Seaver" <firstname.lastname@example.org>
> > ...
> > If you send the cookies with the 'Cookie:' header, then you *will* be
> > authenticated: that is what the CookieCrumbler does. Perhaps you have
> > spelled the header name oddly (e.g., 'HTTP_COOKIE' won't work).
> All I can do is putting a value in a hidden field in the checkout form.
> Here I have putted the data from the request/HTTP_COOKIE variable.
> So when the payment server fetches the reciept page the is a variable in the
> request object named 'session' where the values from request/HTTP_COOKIE is
> stored ...
Can you name you hidden variable "HTTP_COOKIE"?
Tres says that if you succeed, the payment server request
may be automatically logged in as your user.