[Zope] Changing my session identity
Meeting Maker Webmaster
webmaster@meetingmaker.com
Thu, 20 Jul 2000 17:48:09 +0200
Hello,
At 15:30 19.07.2000 +0000, you wrote:
> does anybody know a possibility to change the identity during a browser
> process, without killing all clients and logging in again?
In the "Tracker" product, you will find two DTML Methods that will enable
you to change the identity. They are called "login" and "relogin". Simply
call <dtml-var login> to get a login prompt. I believe if you simply do not
fill this form, you will get "Unauthorized" and then back to Anonymous.
-------[login]----------------
<dtml-var relogin>
<dtml-if "REQUEST.get('HTTP_REFERER', '') != ''">
<dtml-call "RESPONSE.redirect(REQUEST.get('HTTP_REFERER'))">
<dtml-else>
<dtml-call "RESPONSE.redirect(URL1)">
</dtml-if>
-------------------------------
-------[relogin]----------------
<!--#comment-->
Call this from other methods to force user reauthentication before
redirecting back to the calling script.
(This script leaves traces before raising "Unauthorized" so that it
recognizes the return after the authentication, and avoids repeating.
At that point the cookie used to recognize the return is removed,
enabling the process for the next invocation.)
<!--#/comment-->
<!--#var "REQUEST.AUTHENTICATED_USER" html_quote-->
<!--#if "(REQUEST.cookies.has_key('relogin')
and (not _.hasattr(REQUEST.cookies['relogin'],'has_key')
or not REQUEST.cookies['relogin'].has_key('value')
or (REQUEST.cookies['relogin']['value'] != 'deleted')))"-->
<!--#call "REQUEST.RESPONSE.expireCookie('relogin')"-->
<!--#else-->
<dtml-call "REQUEST.RESPONSE.setCookie('relogin', 1,
expires=(ZopeTime('GMT')
+(1.0/(24*60))).rfc822())">
<!--#call "REQUEST.RESPONSE.expireCookie('__ac', path='/')"-->
(Interim - the raise value only shows when the user login fails.)
<!--#raise Unauthorized-->
Refresh this page to get the login prompt.
<!--#/raise-->
<!--#/if-->
-----------------------------------
Best regards,
Gérard Jr.