to partly answer my own question
Uwe Hoffmann schrieb:
My Problem is: If the client hits a protected page the
gssapi based challenge is run and some headers are set
(WWW_Authenticate: negotiate) but the body of the resulting 401
response is always the standard message set in HTTPResponse of
the HTTPResponse Zope module ("You are not ...") .
If i make the following patch my problem (within the problems
environment) seems to be solved. I'm not sure what's broken with this
patch (e.g. resp.body is certainly not correct in every case).
*** PluggableAuthService.py 2005-05-27 21:10:45.000000000 +0200
--- PluggableAuthService.py 2005-11-02 23:00:58.000000000 +0100
***************
*** 969,974 ****
--- 969,975 ----
resp._unauthorized_stack = stack
resp._unauthorized = self._unauthorized
resp._has_challenged = False
+ resp.unauthorized = self.unauthorized
#
# Response override
***************
*** 985,990 ****
--- 986,997 ----
else:
resp._has_challenged = True
+ def unauthorized(self):
+ req = self.REQUEST
+ resp = req['RESPONSE']
+ self._unauthorized()
+ raise Unauthorized(message=resp.body)
+
def challenge(self, request, response):
# Go through all challenge plugins
plugins = self._getOb('plugins')
def challenge( self, request, response, **kw ):
response.addHeader('WWW-Authenticate',
'negotiate')
m = "<strong>pipapo</strong>"
response.setBody(m, is_error=1)
response.setStatus(401)
return 1
( actually <strong>pipapo</strong> will be replaced by the form
which will submit the values for the cookie based
authentication plugin)
so it seems that response.setBody is called again.
any hints ?
regards,
Uwe
_______________________________________________
Zope-PAS mailing list
[email protected]
http://mail.zope.org/mailman/listinfo/zope-pas
