[Zope-CMF] Re: Cookie Crumbler Issues

Chris Withers chrisw@nipltd.com
Wed, 15 May 2002 09:21:54 +0100


Luca Olivetti wrote:
> 
> Shane Hathaway wrote:
> 
> >
> > This is by design.  If you're logged in but you try to access something
> > you shouldn't, normally it's better to get a message explaining why,
> > then ask the site manager to fix the site so the offending link doesn't
> > get presented to you.
> >
> > That's the theory, anyway.  In practice it's not so simple. :-)  So
> > CookieCrumbler 0.5 has an option to "always redirect" (or something like
> > that).  Turn it on and see if it behaves the way you expect.  Keep in
> > mind that it prevents you from seeing the reason access is denied, and
> > there's no good way around that right now.
> 
> I'd much prefer an option to directly show the "unauthorized" message in
> this case.
> Presenting the user a new login screen (either a form or a basic
> authentication request) is confusing.

Yup.

Unless anyone tells me not too, I'll merge Shane's updated CookieCrumbler into the CMF
HEAD and see if I can add the functionality Luca requested...

Now would be a good time to shout ;-)

cheers,

Chris