[Zope-CMF] Getting rid of basic auth...

Dieter Maurer dieter@handshake.de
Thu, 15 Aug 2002 11:04:36 +0200


Jeff Ross writes:
 > Here's the situation.
 > 
 > 1) A user hits a URL requiring them to be logged in, like /folder_contents.
 > 2) They login, but they don't have permission to call the method in
 > question.
 > 3) So, they are presented the lovely Basic Authentication window.
 > 
 > How do I skip step 3, and just give them an Unauthorized message. I don't
 > want them to have to login twice!
Force "CookieCrumber" to modify the the RESPONSE object (to
raise an application specific Unauthorized page) even when it recognizes
the user.

This requires a code change. You may consider providing a patch.
Please allow the feature to be set on and off via the ZMI.


Dieter