"Evan" == Evan Simpson <evan@4-am.com> writes:
Evan> I got tired of dealing with the weird mechanics cookie-based Evan> logins have to deal with, where standard_html_error and Evan> tracebacks intrude on login intercepts. I came up with the Evan> following minor change, which works great for me, and might make Evan> GenericUserFolder's job easier, too. Evan> In ZPublisher/HTTPRequest.py (or SiteAccess/ChangeBehaviors.py, Evan> if you use SiteAccess), change the lines: Evan> if user is None and roles != UNSPECIFIED_ROLES: Evan> response.unauthorized() to: if user is None and roles != Evan> UNSPECIFIED_ROLES: object = response.unauthorized Evan> Under normal circumstances, this has no effect, since Evan> 'response.unauthorized' will be called as soon as it is returned Evan> and will raise its exception as usual. Now however, we add a Evan> twist; When the cookie-based authenticator fails, it replaces Evan> 'response.unauthorized' with its 'login' document. If no Evan> higher-level authentication succeeds, the 'login' document is Evan> rendered normally. Since 'response' is re-created with each Evan> request, this modification has no effect beyond the current Evan> request. Evan> What do you folks think? Nice. I wouldn't mind seeing this go into next release of GUF. /bart -- caffeine low .... brain halted
On 12 Jan 2000, Esben Haabendal Soerensen wrote:
Evan> I got tired of dealing with the weird mechanics cookie-based Evan> logins have to deal with, where standard_html_error and Evan> tracebacks intrude on login intercepts. I came up with the Evan> following minor change, which works great for me, and might make Evan> GenericUserFolder's job easier, too.
Evan> What do you folks think?
Evan - If it works like you say, it will mean I get to strip quite a bit of ugly code out of GUF (or at least skip it if the Zope version number is high enough) :-) I have no time atm though to check for sure...
Nice. I wouldn't mind seeing this go into next release of GUF.
I would want this patch to be part of an official Zope release first - I don't want to have part of my installation instruction involve patching sections of DC's code :-) It might be possible to intigrate with SiteAccess without the patch being released by DC - I would need to ensure GUF works without it though (since I have no need of SiteAccess on my own site atm). -- ___ // Zen (alias Stuart Bishop) Work: zen@cs.rmit.edu.au // E N Senior Systems Alchemist Play: zen@shangri-la.dropbear.id.au //__ Computer Science, RMIT WWW: http://www.cs.rmit.edu.au/~zen
participants (2)
-
Esben Haabendal Soerensen -
Stuart 'Zen' Bishop