[Zope-CMF] strange problem with change_password

[Dieter Maurer]

Nicolas Romero writes:
 > ...
 > Jens> secondly, if you use basic auth and the user changes their password
 > Jens> while logged in there really is no way around seeing the password box.
 > 
 > I don't understand this. Do you mean that the password change has to
 > be only done in Anonymous ? How to achieve that (how can I change my
 > pwd if i'm not logged in) ?
When you use "basic authentication", the browser automatically
sends authentication information.

Of course, the browser does not know, when the password is changed.
The next time, it presents the now stale information, Zope
will issue an "Unauthorized" response and the browser will pop up
the login dialog.

  This is unavoidable as the browser must learn about the new
  password.


Dieter