"Evan" == Evan Simpson <evan@4-am.com> writes:
Evan> I got tired of dealing with the weird mechanics cookie-based Evan> logins have to deal with, where standard_html_error and Evan> tracebacks intrude on login intercepts. I came up with the Evan> following minor change, which works great for me, and might make Evan> GenericUserFolder's job easier, too. Evan> In ZPublisher/HTTPRequest.py (or SiteAccess/ChangeBehaviors.py, Evan> if you use SiteAccess), change the lines: Evan> if user is None and roles != UNSPECIFIED_ROLES: Evan> response.unauthorized() to: if user is None and roles != Evan> UNSPECIFIED_ROLES: object = response.unauthorized Evan> Under normal circumstances, this has no effect, since Evan> 'response.unauthorized' will be called as soon as it is returned Evan> and will raise its exception as usual. Now however, we add a Evan> twist; When the cookie-based authenticator fails, it replaces Evan> 'response.unauthorized' with its 'login' document. If no Evan> higher-level authentication succeeds, the 'login' document is Evan> rendered normally. Since 'response' is re-created with each Evan> request, this modification has no effect beyond the current Evan> request. Evan> What do you folks think? Nice. I wouldn't mind seeing this go into next release of GUF. /bart -- caffeine low .... brain halted