"John" == John Eikenberry <jae@kavi.com> writes:
John> ZServer probably raises an Unauthorized exception and this John> causes it to skip the code that puts the WWW-authenticate in John> the headers. I found this after running into a similar problem John> with Bobo (my realm wasn't getting set, which I needed). I was John> raising an Unauthorized exception in my validation method (the John> method that gets called to authenticate the users). The John> exception isn't caught by the code in ZPublisher.Publish (see John> below) and passes right through to the response code (in John> ZPublisher.Response). Like yourself, I'm using a custom validate() method. However, my validate() method doesn't raise Unauthorized upon error -- instead it returns None. John> If this is the problem, a temporary fix might be to wrap the John> call to the validation in a try: except 'Unauthorized': John> ... check out lines 520-536 in ZPublisher.Publish. I would John> submit a patch, but I haven't had time to see if this would John> break anything else. John> The validate method gets called at line 520: John> else: user=v(request, auth, roles) John> ^-the validate method John> On line 535-536 is where the method gets called John> (self.unauthorized()) which puts the WWW-authenticate in the John> header... John> if user is None and roles != UNSPECIFIED_ROLES: John> self.unauthorized(realm,debug_mode) I see what you're saying, however since my function returns None, it should work. The reason I reported this as a ZServer bug is because when using ZopeHTTPServer everything works fine and the Www-Authenticate header is set correctly. The header is just not produced when publishing the same module using ZServer, which is why I'm blaming ZServer (although I haven't delved too deeply into the code to work out the exact problem). - Andrew -- #!/usr/bin/env python print(lambda s:s+"("+`s`+")")\ ('#!/usr/bin/env python\012print(lambda s:s+"("+`s`+")")\\\012') print(lambda x:x%`x`)('print(lambda x:x%%`x`)(%s)')
participants (1)
-
ajs@pigpond.com