[Zope-PAS] Cookie Auth Monopolizes Challenge?
Sidnei da Silva
sidnei at enfoldsystems.com
Thu Aug 11 14:46:03 EDT 2005
So, leaving other issues aside *wink*, I'm no puzzled by the challenge
code in PAS. It looks like there was some attempt at distinguishing
challenging by some sort of 'protocol', but it leaves a lot to be
desired, or I don't understand how it's supposed to work.
The problem I'm facing now is that using the Cookie Auth plugin
effectively breaks WebDAV (and possibly FTP and XML-RPC), because as
soon as the Cookie Auth plugin is hit on challenge, it does a redirect
to the login form.
Changing the Cookie Auth to come after Basic Auth doesn't help either,
as then instead of a browser client being directed to the login form
it gets a basic auth dialog instead.
Is it possible that nobody noticed this yet? Or is it just me not
getting enough sleep last night?
--
Sidnei da Silva
Enfold Systems, LLC.
http://enfoldsystems.com
More information about the Zope-PAS
mailing list