FW: [Zope-CMF] Publishing CMF Objects with ZPublisher.Client

Doyon, Jean-Francois Jean-Francois.Doyon@CCRS.NRCan.gc.ca
Mon, 14 Jan 2002 14:40:05 -0500


Tres,

Thanks! I just figured it out my self finally (That is was the Cookie
Crumbler getting in the way). I just deleted it for now.

XML-RPC? Is that what ZPublisher is using?

Right now I still have the problem that ZPublisher croaks on all 302's ...
The thing is once the object is created, Zope still returns a 302 to
redirect to the manage_main form, not the nicest way to do it it seems.

Knowing this now though, I should be able to implement my own POSTing logic
using urllib2 directly instead of going through the ZPublisher client.

Thanks for everything!

J.F.

-----Original Message-----
From: Tres Seaver [mailto:tseaver@palladion.com]
Sent: Monday, January 14, 2002 2:32 PM
To: Doyon, Jean-Francois
Cc: 'zope-cmf@zope.org'
Subject: Re: FW: [Zope-CMF] Publishing CMF Objects with
ZPublisher.Client


Doyon, Jean-Francois wrote:

> Hello,
> 
> OK, I've figured out what the problem is, but have no idea WHY.
> 
> It looks like that 302 error occurs because Zope is redirecting the client
> agent to the login form!
> 
> What I don't understand is why, since proper credentials were provided.
> 
> I tried writing a "load_site" using urllib2, and also in Perl, and I
allways
> end up with the same problem: redirected to the login page!
> 
> Does anybody know why this wouldn't work from urllib2 or LWP::UserAgent,
but
> works fine in the web browser?  I'm wondering if it might have something
to
> do with HTTP/1.0 versus 1.1 ... Or does POSTing handle Auth differently?
> 
> Any help would be greatly appreciated!

Correct implementations of HTTP Basic Auth treat it as a
"challenge-response"
protocol;  until the server challenges, the client is not supposed to send
credentials.

The CMF's CookieCrumbler can interfere with such clients, as it intercepts
Unauthorized errors and redirects to the login form.  We have added code
to the CookieCrumbler to work around this problem for WebDAV and FTP, but
hadn't noticed that it was blocking XML-RPC until now.

To work around the problem, delete the 'Auto login form' entry from the
CookieCrumbler's properties form.

Tres.
-- 
===============================================================
Tres Seaver                                tseaver@zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com