make the cookie auth plugin push form credentials into the the request as basic auth headers ala cookie crumbler.

On Jul 26, 2005, at 4:09 PM, J Cameron Cooper wrote:

Say I have a user in a root acl_users folder (call it 'admin'). I also have a PAS user folder in a sub-object of the root. This PAS is configured to do cookie auth, and users will typically login using a form.

Now, if I try to log in as 'admin' in that form, it doesn't work. I think this is why:

 - credentials are supplied via a form to the PAS cookie auth plugin

 - there is no such user, so it fails

- 'validate' returns None, so Zope goes to the next user folder (which the basic in the root where 'admin' lives)

- that one tries to validate but gets nothing: it looks for HTTP basic credentials, but finds nothing, since login is form based

Does this sound about right? Anybody have a strategy to get around this?

Enfold Systems, LLC

Zope-PAS mailing list

Zope-PAS mailing list

Reply via email to