[Zope] why am I Anonymous
Jamie Heilman
jamie@audible.transient.net
Sun, 22 Jun 2003 01:11:35 -0700
robert wrote:
> Hi all,
> I have installed Shanes VerboseSecurity.
> I am logged in as user robert
>
> However VerboseSecurity reports as foolows
>
> Unauthorized: ...
That is how HTTP works; first the request is sent anonymously, then if
it is met with a 401 reponse it re-requests the resource with auth
headers. Sometimes browsers will send auth headers with the first
request for all requests beneath a similar resource path, but that is
not mandatory and if done blindly could lead to credential leaks.
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said, "No, Holly, she's
not for you." She was cheap, she was stupid and she wouldn't load
-- well, not for me, anyway." -Holly