[Zope-PAS] auth fallback with cookies

Sidnei da Silva sidnei at enfoldsystems.com
Tue Aug 9 22:46:28 EDT 2005


On Tue, Aug 09, 2005 at 11:19:12PM -0300, Sidnei da Silva wrote:
| On Sun, Aug 07, 2005 at 03:49:36PM -0700, Kapil Thangavelu wrote:
| | make the cookie auth plugin push form credentials into the the request 
| | as basic auth headers ala cookie crumbler.
| 
| I've tried that but have not succeeded for some reason.

Actually, I've just managed to make it work with the following
patch. What happens is that when PAS is called it does modify
request._auth, but at that point the local variable 'auth' in
BaseRequest is already bound to the previous value of request._auth.

OTOH, this looks more like a hack than anything to me.

-- 
Sidnei da Silva
Enfold Systems, LLC.
http://enfoldsystems.com
-------------- next part --------------
Index: BaseRequest.py
===================================================================
RCS file: /cvs-repository/Packages/ZPublisher/Attic/BaseRequest.py,v
retrieving revision 1.51.2.4
diff -u -r1.51.2.4 BaseRequest.py
--- BaseRequest.py	2 Dec 2004 16:49:28 -0000	1.51.2.4
+++ BaseRequest.py	10 Aug 2005 02:54:10 -0000
@@ -433,6 +433,7 @@
                 else: user=v(request, auth, roles)
 
                 while user is None and i < last_parent_index:
+                    auth=request._auth
                     parent=parents[i]
                     i=i+1
                     if hasattr(parent, '__allow_groups__'):


More information about the Zope-PAS mailing list