On Tue, 2002-07-09 at 19:10, Dieter Maurer wrote:
Thierry Florac writes:
I'd like to keep authentication values persistent in a session, so that authentication values can be visible while accessing non protected documents or methods. I tried to do this in a Python script :
request = context.REQUEST session = request['SESSION'] session['AUTHENTICATED_USER'] = request['AUTHENTICATED_USER']
but then I receive an error message : Error Type: UnpickleableError Error Value: Cannot pickle objects "request['AUTHENTICATED_USER']" is a complex object which cannot be stored inside ZODB.
When you want to store the user name, use "request['AUTHENTICATED_USER'].getUserName()".
I've finally decided to try the ZSession product, which can store complex objects like AuthenticatedUser. It seems to work as specified above... My only problem now is that I can do : - a "login" method, prohibited to anonymous users, which can do "zsession.set ('AUTHENTICATED_USER', request['AUTHENTICATED_USER'])" => OK - a "logout" method, which can do "zsession.delete ('AUTHENTICATED_USER')" => OK But if a user do a login/logout and login again, authentication dialog is shown only on the first login ; on the second one, previous authentication is send by the navigator automatically, so that the user can't login with a different user name without exiting completely from his navigator. How could I handle this ??? Is it possible to remove all authentication informations from the navigator without displaying any error message ??? Thanks, Thierry