John Eikenberry wrote:
I figured out why the realm wasn't being set. It turns out that if you raise an 'Unauthorized' exception in your custom validation method, it skips the code that adds the realm to the http header info in cgi_module_publisher (bobo) or ZPublisher.Publish (zope).
Ah. Yes. This really needs to be fixed. Somewhere in the publishing machinery, something needs to make sure that the Authenticate header is set when an Unauthorized error is raised. Jim -- Jim Fulton mailto:jim@digicool.com Technical Director (888) 344-4332 Python Powered! Digital Creations http://www.digicool.com http://www.python.org Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email address may not be added to any commercial mail list with out my permission. Violation of my privacy with advertising or SPAM will result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.