Matt Behrens wrote: > I've got some rather funky auth requirements where I need to stop Zope > from challenging Basic authentication when Unauthorized is raised. > > I seem to be able to do this if I monkey-patch > HTTPResponse.unauthorized(), but what I'd really like is to be able to > hook into it to make a user folder-overridable challenge with a fallback > to the standard unauthorized. Maybe such a hook would be useful in 2.6 :-) > > So, given that, can I get to the user folder from > HTTPResponse.unauthorized()? Or are there any better ideas?
Check out CookieCrumbler. It does several things: - It patches response *instances*; that is, it adds an attribute to response instances called "unauthorized" which overrides the method. The attribute value is a method bound to a different object. - It uses the request._hold() mechanism to delete the attribute it added to the response, avoiding a memory leak. It would be useful to provide a better way to hook unauthorized() in Zope 2.6, but this way is compatible with Zope 2.4 and 2.5, so I'm not motivated enough. ;-) Shane _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )