I'm having some problems in my ZPublisher application concerning authentication. In short it compiles to the following: - When a user connects to the application, an authentication is forced and the user logs in. - After a while, if the user wants to re-authenticate (in order to use a different userid), he/she has to close the browser in order to get a new login window. This is considered painfull. Is there a way to force re-authentication without leaving the browser (Mozilla)? Thx in advance. -- Pieter J. Kersten; Erasmus Universiteit Rotterdam, dept. DI&A/S&N, WH2-20, B. Oudlaan 50, 3062 PA Rotterdam, Netherlands; Voice: +31-10-4082599; Fax: +31-10-4527236
Pieter J. Kersten wrote:
I'm having some problems in my ZPublisher application concerning authentication.
In short it compiles to the following: - When a user connects to the application, an authentication is forced and the user logs in. - After a while, if the user wants to re-authenticate (in order to use a different userid), he/she has to close the browser in order to get a new login window.
This is considered painfull. Is there a way to force re-authentication without leaving the browser (Mozilla)?
I have been told that this can be done by changing the Domain (defined by __bobo_realm__ in bobo, probably the same in Zope ?) But how to change __bobo_realm__ on the fly, at the right time and per-user basis I have not yet figured out. If you can accept irritating your users with An authentication error AlertBox, you can probably just manually have your __allow_groups__ function to deny access for certain urls. ------------------ Hannu
On Tue, 26 Jan 1999, Pieter J. Kersten wrote:
In short it compiles to the following: - When a user connects to the application, an authentication is forced and the user logs in. - After a while, if the user wants to re-authenticate (in order to use a different userid), he/she has to close the browser in order to get a new login window.
This is considered painfull. Is there a way to force re-authentication without leaving the browser (Mozilla)?
Well, you can always make up a function/method that always raises an Unauthorized exception. This will bring up the login window, though you'll have to canel it (even though you kill it, it will clear or change the uid:pwd info in the browser cache). --- John Eikenberry [jae@taos.kavi.com - http://taos.kavi.com/~jae/] ______________________________________________________________ "A society that will trade a little liberty for a little order will deserve neither and lose both." --B. Franklin
participants (3)
-
Hannu Krosing -
John Eikenberry -
Pieter J. Kersten