[Zope-PAS] Basic auth/challenge problem

Fri Jun 12 09:32:49 EDT 2009

That's right, PAS isn't challenging the client. I dug a little  
further, and it seems that ChallengeProtocolChooser's protocol mapping  
doesn't include {'Browser':['http']} (it only has keys 'WebDAV',  
'FTP', 'XML-RPC').

If I stick that mapping in manually, the second request authenticates  
(the first request, as you say, doesn't interact with PAS at all).

So, at a high level, what am I missing such that that protocol mapping  
isn't in there?

My active plugins:
Extraction Plugins: basicAuthHelper cookieAuthHelper
Authentication: userManager	
Challenge: basicAuthHelper
Challenge_Protocol_Chooser: protocolChooser
Request_Type_Sniffer: requestTypeSniffer

--Ian

On Jun 12, 2009, at 9:17 AM, Willi Langenberger wrote:

> According to Ian McCracken:
>> For example, I'm doing:
>>
>> wget --user myuser --password mypassword http://localhost:8080/path/to/thing
>>
>> I threw a breakpoint in ZPublisher/HTTPRequest.py:275 to see what  
>> auth
>> information was in the request environment; there is none. I also
>> tried wget http://user:pass@localhost:8080/, just for kicks, but of
>> course the same problem.
>
> Hm. What is the exact output from
>
>  wget -S --user myuser --password mypass http://localhost:8080/path/to/thing
>
> in both cases (2.8.8/1.4 and 2.11.2/1.5.3) ?
>
> As far as I know, wget doesnt send the credentials on the first
> request. Instead, it sends them only if it gets a 401 ("authorization
> required") response.
>
> So it could be perfectly ok that you see no auth data at the
> HTTPRequest breakpoint (if it is the first request). BTW, i think at  
> the
> time your breakpoint is hit, there was no interaction with PAS.
>
> It seems, that your PAS doesnt challenge the client with a 401
> response.
>
> Have you activated the PAS "challenge plugin"?
>
>
> \wlang{}
>
> -- 
> Willi.Langenberger at wu.ac.at             Fax: +43/1/31336/9207
> IT-Services,     WU Wirtschaftsuniversitaet Wien,     Austria