to partly answer my own question

Uwe Hoffmann schrieb:


    My Problem is: If the client hits a protected page the
    gssapi based challenge is run and some headers are set
    (WWW_Authenticate: negotiate) but the body of the resulting 401
    response is always the standard message set in HTTPResponse of
    the HTTPResponse Zope module ("You are not ...") .

If i make the following patch my problem (within the problems environment) seems to be solved. I'm not sure what's broken with this patch (e.g. resp.body is certainly not correct in every case).

*** PluggableAuthService.py        2005-05-27 21:10:45.000000000 +0200
--- PluggableAuthService.py        2005-11-02 23:00:58.000000000 +0100
***************
*** 969,974 ****
--- 969,975 ----
          resp._unauthorized_stack = stack
          resp._unauthorized = self._unauthorized
          resp._has_challenged = False
+         resp.unauthorized = self.unauthorized

      #
      # Response override
***************
*** 985,990 ****
--- 986,997 ----
          else:
              resp._has_challenged = True

+     def unauthorized(self):
+         req = self.REQUEST
+         resp = req['RESPONSE']
+         self._unauthorized()
+         raise Unauthorized(message=resp.body)
+
      def challenge(self, request, response):
          # Go through all challenge plugins
          plugins = self._getOb('plugins')



    def challenge( self, request, response, **kw ):
            response.addHeader('WWW-Authenticate',
                               'negotiate')
            m = "<strong>pipapo</strong>"

            response.setBody(m, is_error=1)
            response.setStatus(401)
            return 1

    ( actually <strong>pipapo</strong> will be replaced by the form
      which will submit the values for the cookie based
          authentication plugin)

    so it seems that response.setBody is called again.
    any hints ?

    regards,
        Uwe

_______________________________________________
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas

Reply via email to