So, leaving other issues aside *wink*, I'm no puzzled by the challenge code in PAS. It looks like there was some attempt at distinguishing challenging by some sort of 'protocol', but it leaves a lot to be desired, or I don't understand how it's supposed to work.
The problem I'm facing now is that using the Cookie Auth plugin effectively breaks WebDAV (and possibly FTP and XML-RPC), because as soon as the Cookie Auth plugin is hit on challenge, it does a redirect to the login form. Changing the Cookie Auth to come after Basic Auth doesn't help either, as then instead of a browser client being directed to the login form it gets a basic auth dialog instead. Is it possible that nobody noticed this yet? Or is it just me not getting enough sleep last night? -- Sidnei da Silva Enfold Systems, LLC. http://enfoldsystems.com _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas