Patrick Lewis wrote:
> I haven't used it, but I believe identity already supports http
> authentication (basic). It is configured in app.cfg with the
> identity.source config variable (make sure http_auth is included).
>
> If it doesn't work, open a ticket, and someone (me, at the very least)
> can take a look.
It works just fine. The problem isn't that folks aren't succesfully
authenticated when tokens are provided via HTTP auth; rather, it's that
when valid tokens *aren't* given, folks are redirected to a form rather
than given a response telling their browser to do HTTP-based
authentication. There are parts of my site (not all of it!) where the
redirect-to-a-form approach is The Wrong Thing.
that's because the identity.source is actually a list and it's coded to fallback, you may be able to leave just http on but then the other code will not work.
maybe overwriting this behaviour could be better
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---
