When you say "the client is still sending the username/password". I
don't use cookies
but, because I only use relative urls, Zope seems to maintain the same
security "context" thoughout the "session" (a relative url would be href
= "dir1\dir2"). I am looking for some way to refresh this security
"context" to use the new password.

It is really confusing for the login to pop up at this point-
particularly because
it looks like it is asking for permissions to change the password (
needs OLD password)


-----Original Message-----
From: Behrens Matt - Grand Rapids [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 25, 2001 10:09 AM
To: Clark OBrien
Subject: Re: [Zope-dev] login prompt after letting user change his

Clark OBrien wrote:

> Hi all
> I have written some code to alow a user to change his password (below)
> The problem is that after executing this code  the login dialog pops
> The login requires the user to enter his NEW password.

There is absolutely nothing wrong with that.

Basic authentication works by sending the username and password with 
each request.  You've changed the password on the server, but the client

is still sending the old password, which doesn't authenticate them any 

The user'd have to do it sometime, why not right after their password is


BTW, the proper forum for this type of question is the main Zope mailing


Matt Behrens <[EMAIL PROTECTED]>
System Analyst, Baker Furniture

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to