[Zope-CMF] Getting rid of basic auth...

Jeff Ross thejeffross@hotmail.com
Thu, 15 Aug 2002 14:20:51 -0700


Ok. I have the code working. If I do provide a patch, should I just replace
CookieCrumbler.py or write another class that replaces the CookieCrumbler
methods?

I would like to see this become a standard part of Zope. How would I go
about doing that?

Jeff

----- Original Message -----
From: "Dieter Maurer" <dieter@handshake.de>
To: "Jeff Ross" <thejeffross@hotmail.com>
Cc: <zope-cmf@zope.org>
Sent: Thursday, August 15, 2002 2:04 AM
Subject: Re: [Zope-CMF] Getting rid of basic auth...


> Jeff Ross writes:
>  > Here's the situation.
>  >
>  > 1) A user hits a URL requiring them to be logged in, like
/folder_contents.
>  > 2) They login, but they don't have permission to call the method in
>  > question.
>  > 3) So, they are presented the lovely Basic Authentication window.
>  >
>  > How do I skip step 3, and just give them an Unauthorized message. I
don't
>  > want them to have to login twice!
> Force "CookieCrumber" to modify the the RESPONSE object (to
> raise an application specific Unauthorized page) even when it recognizes
> the user.
>
> This requires a code change. You may consider providing a patch.
> Please allow the feature to be set on and off via the ZMI.
>
>
> Dieter
>