[Zope] AUTHENTICATED_USER reverts back to Anonymous User
Steve Spicklemire
steve@spvi.com
Sat, 1 Dec 2001 06:46:20 -0500
I think this behavior is browser dependent. Some browsers (e.g.,
OmniWeb? others?) only send AUTH headers if a non-authenticated attempt
returns AUTH REQUIRED. Others (e.g., Netscape, IE, Mozilla?...) send
AUTH headers any time after the user is asked to authenticate, and the
URL visited has the same domain. I think Oleg is right though.. I don't
believe the spec requires AUTH headers to be sent unless they are
required and this produces exactly the behavior you've seen. It also
makes the Zope management interface useless (if you've ever tried to use
it with one of these browsers!)
good luck!
-steve
On Friday, November 30, 2001, at 09:12 AM, Oleg Broytmann wrote:
> On Fri, Nov 30, 2001 at 03:33:39PM +0200, Etienne Labuschagne wrote:
>> 1) User enters site (REQUEST.AUTHENTICATED_USER == "Anonymous User")
>> 2) User logs in when accesing a "secure" page.
>> (REQUEST.AUTHENTICATED_USER
>> == "myUser")
>> 3) User goes to page that is available for Anonymous Users but which is
>> rendered differently for logged in users. Page must now render as if
>> user
>> is logged in, but does not because REQUEST.AUTHENTICATED_USER ==
>> "Anonymous
>> User" again??
>>
>> After doing some reading it seems as if this is a problem with the way
>> HTML
>> authentication works (Zope does not receive a browser authentication
>> challenge or something like that). Is there a way around this other
>> than
>> using cookies or url mangling?
>
> There is no. HTTP Basic Authentication is too basic to be ueable. :(
>
> Oleg.
> --
> Oleg Broytmann http://phd.pp.ru/
> phd@phd.pp.ru
> Programmers don't die, they just GOSUB without RETURN.
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )