The redirection is probably an exception. Session data is transactional, so it isn't committed when an exception is raised. I don't have a quick solution for you, but this is likely the cause. On Tue, 2004-06-15 at 01:06, Samir Mishra wrote:
Hi all,
Been trying this forever now, and can't get it to work. I have a login page LOGIN that I get to from another page USERINFO that's a form. A user cannot go to LOGIN directly, they will be redirected to USERINFO. LOGIN is also the default page for CookieCrumbler.
After users enter info in LOGIN, they're directed to a protected page. Everything works OK if the user enters the correct username/password, and they automatically log in.
If a user enters incorrect user credentials, they are redirected back to LOGIN. Again, this is OK. The problem is, the redirection strips off all the REQUEST variables, including the REQUEST.SESSION data, where I'm storing other session information. The Session ID shows up as having changed!
My question is - is there a way to fix this, so that during the post-login failure redirect to LOGIN, all of the request/Session information/variables is retained?
TIA.
Samir
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )