11 Mar
2004
11 Mar
'04
9:57 p.m.
Christoph Landwehr wrote at 2004-3-11 12:30 +0100:
unfortunately it is not that easy. If I log in as a "some_role" user, Zope behaves like I discribed. However when I log into the /manage screen as manager and than go back to type A document (no authentication necessary) I am still authenticated.
When you want to understand how most browsers work, read the HTTP 1.1 specification. Be warned, that it is not completely trivial.
... Stefan H. Holek wrote:
It is very likely that your browser only sends basic auth info when challenged by a 401. Use cookie auth (CookieCrumbler) to get around this.
-- Dieter