Thanks Chris. I forgot to mention I've already done that (wrote custom challenge decider), still no effect. I've baked simple one-file pyramid application using pyramid_who in this paste: http://bit.ly/eNPPjY . Paster configuration file (development.ini) is generated by pyramid_starter template without any modifications. Application has just 2 views - protected_view and public_view, protected_view should be accessible only after successful basicauth. Currently it prints Unauthorized: <function protected_view at xxx> failed permission check with 403 status code. I would really appreciate to help me with getting this sample right.
On Mar 19, 5:56 pm, Chris McDonough <[email protected]> wrote: > See > also:http://docs.pylonsproject.org/projects/pyramid/1.0/whatsnew-1.0.html#...for > a way to leave Pyramid unchanged but to change the who config itself instead. > > On Sat, 2011-03-19 at 11:35 -0500, Michael Merickel wrote: > > As I understand it, repoze.who expects you to return a 401 when auth > > is required and pyramid returns a 403. The solution is to register a > > Forbidden view that converts the 403 into a 401 > > (pyramid.httpexceptions.HTTPUnauthorized). > > >http://docs.pylonsproject.org/projects/pyramid/1.0/narr/hooks.html#ch... > > > Michael > > > On Sat, Mar 19, 2011 at 7:00 AM, agrzelak <[email protected]> > > wrote: > > Hello, > > > I'm trying to use "pyramid_who" plugin in my application. I've > > configured authentication and authorization policies, wrote > > simple who > > config file (just basicauth for id and challenge, custom > > authenticator). When I'm trying to access a protected view, > > pyramid > > outputs 403 Forbidden (forbidden view), without asking for > > credentials > > via basicauth. I guess I'm doing something wrong. > > > Is there any sample application that shows how to use > > "pyramid_who" > > plugin, or could someone provide one? > > > Thanks! > > > -- > > You received this message because you are subscribed to the > > Google Groups "pylons-discuss" group. > > To post to this group, send email to > > [email protected]. > > To unsubscribe from this group, send email to pylons-discuss > > [email protected]. > > For more options, visit this group at > > http://groups.google.com/group/pylons-discuss?hl=en. > > > -- > > You received this message because you are subscribed to the Google > > Groups "pylons-discuss" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to pylons-discuss > > [email protected]. > > For more options, visit this group at > >http://groups.google.com/group/pylons-discuss?hl=en. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
