[Zope-CMF] Verifying a user based on __ac and __ac_name
Mon, 22 Apr 2002 00:05:02 +0200
----- Original Message -----
From: "Dieter Maurer" <firstname.lastname@example.org>
To: "Gitte Wange" <email@example.com>
Sent: Sunday, April 21, 2002 9:05 PM
Subject: Re: [Zope-CMF] Verifying a user based on __ac and __ac_name
> Gitte Wange writes:
> > From: "Tres Seaver" <firstname.lastname@example.org>
> > > ...
> > > If you send the cookies with the 'Cookie:' header, then you *will* be
> > > authenticated: that is what the CookieCrumbler does. Perhaps you have
> > > spelled the header name oddly (e.g., 'HTTP_COOKIE' won't work).
> > All I can do is putting a value in a hidden field in the checkout form.
> > Here I have putted the data from the request/HTTP_COOKIE variable.
> > So when the payment server fetches the reciept page the is a variable
> > request object named 'session' where the values from
> > stored ...
> Can you name you hidden variable "HTTP_COOKIE"?
> Tres says that if you succeed, the payment server request
> may be automatically logged in as your user.
I store the content from HTTP_COOKIE in a request variable named session.
This is sent to the payment server and is returned again to the receipt page
>From that variable I can extract the __ac_name and __ac variables ..