Pablo Ziliani wrote at 2004-12-9 18:02 -0300:
... Knowing the basics, my search is for specific CC documetation. In theory, it has to be documented somewhere, as many people seems to be using it... Anyone can help?
Most people can use Cookie Crumbler without any deeper information -- it just works. Most people that need deeper information look at the source or ask a concrete question in a mailing list ;-) In fact, what Cookie Crumber (essentially) does is quite simple: When "Cookie Crumber" does not see an "Authorization" header but its authentication cookie, it uses the cookie value to provide an "Authorization" header. (It uses a higl level interface to the "__before_publishing_traverse__" hook to intercept requests). Moreover, (in some cases) it redefines "RESPONSE.unauthorized". This is the RESPONSE method that gets called when the ZPublisher gets an "Unauthorized" exception back. The redefinition presents the Cookie Crumblers login page instead of the normal 401 response. What more do you need? -- Dieter