I'd like to provide a link, whereby clicking it would generate a login prompt and then return to the calling page. I thought I'd just create a script, viewable by only the people in the role that I want to login. I did this, and tried just to use, context.REQUEST.RESPONSE.redirect(context.REQUEST['HTTP_REFERER']) This doesn't work. Or I should say, it half works. If the login is successful, the page is returned but the user object hasn't been updated (has_roles() doesn't work) and subsiquent clicks of the link don't prompt for authentication. Can anyone tell me why this isn't doing what I want it to, or how to create a simple "click here to login" script? Cheers, -- Bryan C. Andregg Duke University Medical Center Programmer Dept. of Anesthesiology e <bryan.andregg@duke.edu> p +1 919 684 6201
Bryan C. Andregg wrote at 2003-3-14 08:58 -0500:
I'd like to provide a link, whereby clicking it would generate a login prompt and then return to the calling page.
I thought I'd just create a script, viewable by only the people in the role that I want to login.
I did this, and tried just to use,
context.REQUEST.RESPONSE.redirect(context.REQUEST['HTTP_REFERER'])
This doesn't work. Or I should say, it half works. If the login is successful, the page is returned but the user object hasn't been updated (has_roles() doesn't work) and subsiquent clicks of the link don't prompt for authentication.
A typical HTTP authentication behaviour: Login information is automatically send to the subhierarchy rooted in the parent of the object that did require the authentication. The HTTP 1.1 specification tells you more (if it is not enough). Dieter
On Fri, Mar 14, 2003 at 11:14:28PM +0100, Dieter Maurer mailed:
Bryan C. Andregg wrote at 2003-3-14 08:58 -0500:
This doesn't work. Or I should say, it half works. If the login is successful, the page is returned but the user object hasn't been updated (has_roles() doesn't work) and subsiquent clicks of the link don't prompt for authentication.
A typical HTTP authentication behaviour:
Login information is automatically send to the subhierarchy rooted in the parent of the object that did require the authentication.
I understand that, but if the client is sending the Login information and it's valid, then why doesn't Zope return the requested page using the login information? -- Bryan C. Andregg Duke University Medical Center Programmer Dept. of Anesthesiology e <bryan.andregg@duke.edu> p +1 919 684 6201
Bryan C. Andregg wrote at 2003-3-17 09:08 -0500:
A typical HTTP authentication behaviour:
Login information is automatically send to the subhierarchy rooted in the parent of the object that did require the authentication.
I understand that, but if the client is sending the Login information and it's valid, then why doesn't Zope return the requested page using the login information?
Hm, I suggested that the client *does not* send the login information... It sends it only into the subhierarchie containing the URL that requested authentication. Dieter
participants (2)
-
Bryan C. Andregg -
Dieter Maurer