[Zope-dev] Authentication Patch

Esben Haabendal Soerensen bart@sunsite.auc.dk
12 Jan 2000 09:25:41 +0100


>>>>> "Evan" == Evan Simpson <evan@4-am.com> writes:

Evan> I got tired of dealing with the weird mechanics cookie-based
Evan> logins have to deal with, where standard_html_error and
Evan> tracebacks intrude on login intercepts.  I came up with the
Evan> following minor change, which works great for me, and might make
Evan> GenericUserFolder's job easier, too.

Evan> In ZPublisher/HTTPRequest.py (or SiteAccess/ChangeBehaviors.py,
Evan> if you use SiteAccess), change the lines:

Evan>     if user is None and roles != UNSPECIFIED_ROLES:
Evan>         response.unauthorized()

Evan> to:

Evan>     if user is None and roles != UNSPECIFIED_ROLES:
Evan>         object = response.unauthorized

Evan> Under normal circumstances, this has no effect, since
Evan> 'response.unauthorized' will be called as soon as it is returned
Evan> and will raise its exception as usual.  Now, however, we add a
Evan> twist: when the cookie-based authenticator fails, it replaces
Evan> 'response.unauthorized' with its 'login' document.  If no
Evan> higher-level authentication succeeds, the 'login' document is
Evan> rendered normally.  Since 'response' is re-created with each
Evan> request, this modification has no effect beyond the current
Evan> request.

Evan> What do you folks think?

Nice.  I wouldn't mind seeing this go into the next release of GUF.

/bart 
-- 
caffeine low .... brain halted
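
The mechanism discussed in this thread, as an added toy model that is not part of the original messages and is not Zope or GenericUserFolder code: the publisher returns `response.unauthorized` instead of calling it, so a failed cookie login can substitute a login document on that one response object. Every class and function name below except `UNSPECIFIED_ROLES` and `unauthorized` is hypothetical, and the cookie value is constructed.

```python
# Toy model only: names are hypothetical stand-ins, not ZPublisher's real API.
UNSPECIFIED_ROLES = object()   # stand-in sentinel for "no roles declared"

class Unauthorized(Exception):
    """Stands in for the exception that triggers the HTTP auth challenge."""

class Response:
    """One instance per request, so instance-level overrides die with it."""
    def unauthorized(self):
        raise Unauthorized("authentication required")

def login_document():
    """Stand-in for the cookie folder's rendered 'login' document."""
    return "<form action='login'>...</form>"

def cookie_authenticator(request, response):
    """Cookie-based check; on failure it swaps in the login document."""
    if request.get("cookie") == "valid-session":   # constructed sample value
        return "alice"
    # Instance attribute shadows the class method for this response only.
    response.unauthorized = login_document
    return None

def basic_authenticator(request, response):
    """An authenticator that fails without touching the response."""
    return None

def publish(request, authenticators, roles=("Manager",)):
    """Try each authenticator in order (lowest level first), then publish."""
    response = Response()
    obj = lambda: "protected page"
    user = None
    for authenticate in authenticators:
        user = authenticate(request, response)
        if user is not None:
            break
    if user is None and roles != UNSPECIFIED_ROLES:
        # Patched behaviour: select the callable instead of calling it here.
        obj = response.unauthorized
    return obj()   # the publisher calls whatever object was selected

if __name__ == "__main__":
    print(publish({"cookie": "valid-session"}, [cookie_authenticator]))
    print(publish({}, [cookie_authenticator]))
```

In this model the protected object is never returned to an unauthenticated request: the only outcomes are the page for a validated user, the login document, or the raised exception.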