[Zope] Raise Unauthorized?! - and logging in new users: two questions
Chris McDonough
chrism@zope.com
Sun, 05 Aug 2001 21:03:44 -0400
On Sun, 05 Aug 2001 14:43:38 -0700
David Hassalevris <bluepaul@earthlink.net> wrote:
> Hi Zopers,
>
> I did some research on this ... but im up against
> deadlines :-)
> (1):
> Apparently <dtml-raise Unauthorized> creates a "rendering
> loop". That
> is, you raise Unauthorized,
> get the login screen, enter a VALID userid/password,
> click OK and you
> get yet ANOTHER login screen.
>
> I want to be able to login new users without the need for
> the user to
> terminate the browser and
> restart.
This is a problem with HTTP basic authentication, and
unfortunately there's nothing that Zope can do about it.
The same problem would happen under any system that used
HTTP basic authentication.
> I am really hoping that someone has solved this problem
> (without turning
> to 3rd party login managers).
Nope, you need a user folder that supports cookie-based
authentication, sorry..
>
> (2): Also, is there a way to login a user
> "programmically", that is, by
> avoiding the
> browser login screen and logging the user in via a python
> script or
> DTML????
There is a way, but it's not documented, and it's only
available from within "unrestricted code" (External Methods
and Python Products). For an example, see the EventWrapper
class inside CoreSessionTracking's SessionDataManager.py
file.