On 05.Mai 2003 - 10:41:11, Troy Farrell wrote:
Helpful hints on figuring this whole thing out: 1) view RFC's on HTTP protocol with emphasis on http status codes 2) google search on 'WWW-Authenticate' aka basic http authentication
Yeah and I did find the info, but it didn't help me very much. I did not understand everything, but I thought it would be enough to have a script which sets the response to 401 and the header to WWW-Authentication?! But this didn't work, the message box was repeated over and over again, even though I typed the correct username and password. The only thing I see, why this happens is that users are only searched for in the first User Folder Zope finds when looking upwards from the current location. Is this true?
Using manage_zmi_logout and the zope HelpSys docs, I've come up with this script. Play with it:
## Script (Python) "authtest" ##bind container=container ##bind context=context ##bind namespace= ##bind script=script ##bind subpath=traverse_subpath ##parameters= ##title= ## request = container.REQUEST response = request.RESPONSE
response.setHeader('Content-Type','text/html')
print "<html><head><title>authtest</title><body><p>"
print "you are " + request['AUTHENTICATED_USER'].getUserName()
if request.get('AUTHENTICATED_USER').getUserName() == 'Anonymous User': print "Trying to authenticate..." response.setStatus('Unauthorized') response.setHeader('WWW-Authenticate', 'basic realm="Zope"', 1)
print "</p></body></html>" return printed
#end script
I'll try that in a minute, but I also found the Product LoginManager. And I've installed it on my Debian box, but it doesn't work for me. I replaced the acl_users Folder with a LoginManager object and did nothing more. Now if I use the standard LoginForm I can type what I want, I never get authenticated. Also the logoutForm doesn't work, it calls AUTHENTICATED_USER.logout() which Zope cannot find? Is LoginManager too old to be used with Zope 2.6? Andreas -- You have a truly strong individuality.