to partly answer my own question Uwe Hoffmann schrieb:
My Problem is: If the client hits a protected page the gssapi based challenge is run and some headers are set (WWW_Authenticate: negotiate) but the body of the resulting 401 response is always the standard message set in HTTPResponse of the HTTPResponse Zope module ("You are not ...") .
If i make the following patch my problem (within the problems environment) seems to be solved. I'm not sure what's broken with this patch (e.g. resp.body is certainly not correct in every case).
*** PluggableAuthService.py 2005-05-27 21:10:45.000000000 +0200 --- PluggableAuthService.py 2005-11-02 23:00:58.000000000 +0100 *************** *** 969,974 **** --- 969,975 ---- resp._unauthorized_stack = stack resp._unauthorized = self._unauthorized resp._has_challenged = False + resp.unauthorized = self.unauthorized # # Response override *************** *** 985,990 **** --- 986,997 ---- else: resp._has_challenged = True + def unauthorized(self): + req = self.REQUEST + resp = req['RESPONSE'] + self._unauthorized() + raise Unauthorized(message=resp.body) + def challenge(self, request, response): # Go through all challenge plugins plugins = self._getOb('plugins')
def challenge( self, request, response, **kw ): response.addHeader('WWW-Authenticate', 'negotiate') m = "<strong>pipapo</strong>" response.setBody(m, is_error=1) response.setStatus(401) return 1 ( actually <strong>pipapo</strong> will be replaced by the form which will submit the values for the cookie based authentication plugin) so it seems that response.setBody is called again. any hints ? regards, Uwe
_______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas