Bobo/realm? [resolved]
I figured out why the realm wasn't being set. It turns out that if you raise an 'Unauthorized' exception in your custom validation method, it skips the code that adds the realm to the http header info in cgi_module_publisher (bobo) or ZPublisher.Publish (zope). The solution was to change the 'raise "Unauthorized"' to 'return None'. I originally used the Unauthorized exception as it seemed a way to shortcut bobo from looking up the containment hierarchy for other user databases. Just thought I'd pass the solution along to complete the thread. :) --- John Eikenberry [jae@taos.kavi.com - http://taos.kavi.com/~jae/] ______________________________________________________________ "A society that will trade a little liberty for a little order will deserve neither and lose both." --B. Franklin
John Eikenberry wrote:
I figured out why the realm wasn't being set. It turns out that if you raise an 'Unauthorized' exception in your custom validation method, it skips the code that adds the realm to the http header info in cgi_module_publisher (bobo) or ZPublisher.Publish (zope).
Ah. Yes. This really needs to be fixed. Somewhere in the publishing machinery, something needs to make sure that the Authenticate header is set when an Unauthorized error is raised. Jim -- Jim Fulton mailto:jim@digicool.com Technical Director (888) 344-4332 Python Powered! Digital Creations http://www.digicool.com http://www.python.org Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email address may not be added to any commercial mail list with out my permission. Violation of my privacy with advertising or SPAM will result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.
participants (2)
-
Jim Fulton -
John Eikenberry