Oliver Bleutgen wrote at 2003-1-17 18:02 +0100:
 > Dieter Maurer wrote:
 > > You might use a "SiteAccess" access rule.
 > Dieter, thanks for the suggestion. But I don't see how SiteAccess could
 > help me here, maybe I'm missing something.
 > Basically, what I want to do is to prevent zope from ever sending a 
 > unauthorized response to a clear text http request,
In your AccessRule, you can customize the
the "_unauthorized" method of the RESPONSE object.

The AccessRule must be implemented in an External Method
in order to be able to change "RESPONSE._unauthorized".

You can look at Cookie Crumbler. It uses a similar technique
to prevent an Unauthorized response and rather display its
login form.


Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to