[Zope] cookiecrumbler and webdav

John Hunter jdhunter at ace.bsd.uchicago.edu
Tue Aug 17 09:49:12 EDT 2004


I have some File instances on my zope server and am using cookie
crumbler for authetication.  I have the various view, access and
webdav permissions set so the user has permission to access the
document.

When using internet explorer, the http basic authorization dialog box
pops up (the user then can reenter their username and passwd and all
is well).  I would like to avoid forcing the user to reauthenticate.

>From my googling, it appears there is a problem using cookie based
authentication and webdav.  The cookiecrumbler readme states

  If CookieCrumbler gets in the way of WebDAV interactions, use a
  WebDAV source port (see the Zope documentation.)

Could someone elucidate?  Does this mean I should munge the link to
the document do it is accessed as, for example

http://mysite.com:1980/somefile.doc

where 1980 is my <webdav-source-server> address?

Actually, I don't want the documents to be editable (they are read
only).  Ideally, the documents would be accessed via normal http.  Is
there a way to make this happen on the server side w/o having to make
all the clients change their browser settings.  I saw some reference
top WEBDAV_SOURCE_PORT_CLIENTS in the zope book which looked a little
promising along these lines.  Is there any guidance for how this
variable should be used with internet explorer?

Thanks,
John Hunter


More information about the Zope mailing list