[Zope-CVS] SVN: PluggableAuthService/trunk/__init__.py - more
fixing of manage_zmi_logout: Stop trying to be clever about the
Jens Vagelpohl
jens at dataflake.org
Sat Feb 25 15:21:17 EST 2006
Log message for revision 65470:
- more fixing of manage_zmi_logout: Stop trying to be clever about the
referer - this simply cannot work. Calling RESPONSE.redirect will lead to
unexpected views being loaded and it destroys the 401 response code
that is needed to make the browser forget basic auth credentials.
Changed:
U PluggableAuthService/trunk/__init__.py
-=-
Modified: PluggableAuthService/trunk/__init__.py
===================================================================
--- PluggableAuthService/trunk/__init__.py 2006-02-25 20:21:06 UTC (rev 65469)
+++ PluggableAuthService/trunk/__init__.py 2006-02-25 20:21:17 UTC (rev 65470)
@@ -82,18 +82,18 @@
p = getattr(REQUEST, '_logout_path', None)
if p is not None:
return apply(self.restrictedTraverse(p))
+
acl_users = self.acl_users
+ realm=RESPONSE.realm
+ RESPONSE.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1)
+
if IPluggableAuthService.isImplementedBy(acl_users):
acl_users.resetCredentials(REQUEST, RESPONSE)
else:
- realm=RESPONSE.realm
- RESPONSE.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1)
raise Unauthorized, '<p>You have been logged out.</p>'
- referrer = REQUEST.get('HTTP_REFERER') # HTTP_REFERER is optional header
- if referrer:
- REQUEST['RESPONSE'].redirect(referrer)
- else:
- RESPONSE.setBody("""<html>
+
+ RESPONSE.setStatus(401)
+ RESPONSE.setBody("""<html>
<head><title>Logout</title></head>
<body>
<p>
More information about the Zope-CVS
mailing list