[Zope-PAS] Challengers (and Zope 3)

Mark Hammond mhammond at skippinet.com.au
Thu Sep 30 19:17:41 EDT 2004


[Jim]
>
> In Zope 3, this is done by the exception view by the Unauthorized
> Exception. If challengers need to be able to do this, then we will
> probably need to add better APIs for response manipulation, which we
> probably need anyway.
>
> In Zope 2, the challenger might do this in the "is None" case as you
> suggest.

OK - that all sounds fine to me.

I see 2 remaining small issues:

* The semantics for redirection-based protocols aren't clear to me.  The only
reasonable solution I see would be for:

def challenge(self, protocol):
    if protocol is None:
        # do the redirect
        return self.protocol
    else:
        # do nothing.
        pass

i.e., do *not* try to piggy-back on the same protocol the way
challenge/response-based ones will.  Is that what you had in mind?

* We should define the protocol IDs somewhere, so that an (e.g.) NTLM-based
challenger is confident it has the same protocol as the (e.g.) HTTP one.

Mark.
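
The two points above, worked through as an added example that is not part of the original message or of PAS itself: header-based challengers piggy-back on a shared protocol ID, while a redirect challenger acts only when no protocol has been chosen. Every name here (`Response`, `HeaderChallenger`, `RedirectChallenger`, `run_challengers`, the `PROTO_*` constants) is hypothetical, and returning `None` to mean "keep the protocol already chosen" is an assumption.

```python
# Added illustration; all names below are hypothetical, not the PAS API.
PROTO_HTTP = "http"          # shared ID for WWW-Authenticate based schemes
PROTO_REDIRECT = "redirect"  # shared ID for login-form redirects

class Response:
    """Minimal stand-in for a Zope response object."""
    def __init__(self):
        self.status = 200
        self.headers = []    # list of (name, value); duplicates allowed

class HeaderChallenger:
    """Challenge/response scheme: may piggy-back on an HTTP challenge."""
    protocol = PROTO_HTTP

    def __init__(self, response, scheme):
        self.response, self.scheme = response, scheme

    def challenge(self, protocol):
        if protocol not in (None, self.protocol):
            return None                      # another protocol already won
        self.response.status = 401
        self.response.headers.append(("WWW-Authenticate", self.scheme))
        return self.protocol

class RedirectChallenger:
    """Redirect scheme: acts only when nothing has been chosen yet."""
    protocol = PROTO_REDIRECT

    def __init__(self, response, login_url):
        self.response, self.login_url = response, login_url

    def challenge(self, protocol):
        if protocol is None:
            self.response.status = 302
            self.response.headers.append(("Location", self.login_url))
            return self.protocol
        return None                          # do nothing, never piggy-back

def run_challengers(challengers):
    """Call each challenger in order, passing the protocol chosen so far."""
    protocol = None
    for challenger in challengers:
        # Assumption: None from a challenger means "keep what was chosen".
        protocol = challenger.challenge(protocol) or protocol
    return protocol
```

Because both header challengers compare against the same `PROTO_HTTP` constant, an NTLM challenger and a Basic challenger each add their own `WWW-Authenticate` header to one 401, and the response never carries a redirect and a 401 challenge at once.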


