23 Sep
2003
23 Sep
'03
9:15 p.m.
In some case, you want to take special actions once the user has been determined at the end of traversal. You may, e.g., want to deny Manager role to any non HTTPS request. This patch adds support for a *post authentication hook*. It adds code to the 'validated_hook', called when the user is successfully authenticated. The code tries to acquire an object 'post_authentication_hook' from 'request.PARENTS[0]'. If this is successful, it calls this object with the arguments 'request' and 'user'. Usually, this call will raise Unauthorized when it has objections against the request. Download: <http://www.dieter.handshake.de/pyprojects/zope/postauth.pat> Dieter