Hi, The SessionCredentialsPlugin will redirect to a login form whenever a user needs to be authenticated. The URL to this login form will have a "camefrom" query string, where the "camefrom" is the path-information to the originally requested view.
When the credentials provided by the user are correct, the login form will use the camefrom information to redirect back to that original view. Ideally (a.k.a. according to the HTTP spec.), the camefrom should be an absolute URL, not just a path like the SessionCredentialsPlugin now does. I'd like to fix and release zope.pluggableauth with the following patch applied - unless of course there's compelling reasons not to do this: --- trunk/src/zope/pluggableauth/plugins/session.py 2011-02-07 10:33:25.643791415 +0100 +++ branches/janjaapdriessen-camefrom-fix/src/zope/pluggableauth/plugins/session.py 2011-02-07 10:40:12.301790203 +0100 @@ -308,7 +308,7 @@ # Better to add the query string, if present query = request.get('QUERY_STRING') - camefrom = '/'.join([request.getURL(path_only=True)] + stack) + camefrom = '/'.join([request.getURL()] + stack) if query: camefrom = camefrom + '?' + query url = '%s/@@%s?%s' % (absoluteURL(site, request), regards, jw _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )