On Thu, Aug 11, 2005 at 11:14:53PM -0300, Sidnei da Silva wrote:
| So my proposal would be to special-case the IChallengePlugin and let
| the site manager (or whatever title the person in charge of
| configuring PAS has) select which set of 'protocols' is allowed for
| each 'request type', where 'r
On Fri, Aug 12, 2005 at 11:04:16AM +1000, Mark Hammond wrote:
|
|
| It sounds like the problem is that PAS does not have any concept of the
| "source" of the request. The existing behaviour seems correct (enough) for
| the standard case of a web browser hitting the site on a standard HTTP
| port
[Sid]
> So, leaving other issues aside *wink*, I'm no puzzled by the challenge
> code in PAS. It looks like there was some attempt at distinguishing
> challenging by some sort of 'protocol', but it leaves a lot to be
> desired, or I don't understand how it's supposed to work.
Probably both ;)
Th
On Thu, Aug 11, 2005 at 03:18:43PM -0400, Chris McDonough wrote:
| Hi Sidnei,
|
| I had to deal with this at some point and I wrote a PAS multiplugin that
| implemented the "unauthorized" method (forget which interface that
| belongs to)... here it is along with a helper method to figure out if a
Hi Sidnei,
I had to deal with this at some point and I wrote a PAS multiplugin that
implemented the "unauthorized" method (forget which interface that
belongs to)... here it is along with a helper method to figure out if a
request came from a DAV client:
security.declarePublic('unauthorized'