So, leaving other issues aside *wink*, I'm no puzzled by the challenge
code in PAS. It looks like there was some attempt at distinguishing
challenging by some sort of 'protocol', but it leaves a lot to be
desired, or I don't understand how it's supposed to work.
The problem I'm facing now is that
Hi Sidnei,
I had to deal with this at some point and I wrote a PAS multiplugin that
implemented the "unauthorized" method (forget which interface that
belongs to)... here it is along with a helper method to figure out if a
request came from a DAV client:
security.declarePublic('unauthorized'
On Thu, Aug 11, 2005 at 03:18:43PM -0400, Chris McDonough wrote:
| Hi Sidnei,
|
| I had to deal with this at some point and I wrote a PAS multiplugin that
| implemented the "unauthorized" method (forget which interface that
| belongs to)... here it is along with a helper method to figure out if a
[Sid]
> So, leaving other issues aside *wink*, I'm no puzzled by the challenge
> code in PAS. It looks like there was some attempt at distinguishing
> challenging by some sort of 'protocol', but it leaves a lot to be
> desired, or I don't understand how it's supposed to work.
Probably both ;)
Th
On Fri, Aug 12, 2005 at 11:04:16AM +1000, Mark Hammond wrote:
|
|
| It sounds like the problem is that PAS does not have any concept of the
| "source" of the request. The existing behaviour seems correct (enough) for
| the standard case of a web browser hitting the site on a standard HTTP
| port