[Zope3-dev] Catching Unauthorized
Sidnei da Silva
sidnei@x3ng.com
Sat, 29 Mar 2003 14:30:06 -0300
On Sat, Mar 29, 2003 at 10:29:26AM -0300, Sidnei da Silva wrote:
| Hi, its me again.
|
| While working on MKCOL yesterday, I found out that currently Zope isnt
| sending basic auth request when raising unauthorized. I traced the
| problem down to zope/app/publication/http.py. If I catch unauthorized on
| HTTPPublication, where we are doing "ob - getattr(ob, request.method)" and
| "return request.unauthorized('basic realm="Zope"')" then it works just
| fine.
|
| My questions are: Is this intentional? Why when I use browser to go to
| /manage I get basic auth? Should I commit this fix?
Well, Ive digged into the issue a bit more and found a better
fix. zopepublication already searches for a view when it finds an
exception, but httppublication overrides the callObject method in a
way that it wasnt possible to build a view for the exception. I
changed httppublication to check if the object being published is a
view for an exception and behave accordingly, providing a view for
Unauthorized that does basic auth.
For those interested in seeing what we are doing, we have OPTIONS,
PROPFIND (mostly), and MKCOL implemented right now on the
moztopsupport package (http://cvs.zope.org/Packages/Moztop) and were
planning to get it to a fully working DAV 1 implementation at least.
[]'s
--
Sidnei da Silva (dreamcatcher) <sidnei@x3ng.com.br>
X3ng Web Technology <http://www.x3ng.com.br>
GNU/Linux user 257852
Debian GNU/Linux 3.0 (Sid) 2.4.18 ppc
Any given program will expand to fill available memory.