That's right, PAS isn't challenging the client. I dug a little further, and it seems that ChallengeProtocolChooser's protocol mapping doesn't include {'Browser':['http']} (it only has keys 'WebDAV', 'FTP', 'XML-RPC').
If I stick that mapping in manually, the second request authenticates (the first request, as you say, doesn't interact with PAS at all). So, at a high level, what am I missing such that that protocol mapping isn't in there? My active plugins: Extraction Plugins: basicAuthHelper cookieAuthHelper Authentication: userManager Challenge: basicAuthHelper Challenge_Protocol_Chooser: protocolChooser Request_Type_Sniffer: requestTypeSniffer --Ian On Jun 12, 2009, at 9:17 AM, Willi Langenberger wrote: > According to Ian McCracken: >> For example, I'm doing: >> >> wget --user myuser --password mypassword http://localhost:8080/path/to/thing >> >> I threw a breakpoint in ZPublisher/HTTPRequest.py:275 to see what >> auth >> information was in the request environment; there is none. I also >> tried wget http://user:p...@localhost:8080/, just for kicks, but of >> course the same problem. > > Hm. What is the exact output from > > wget -S --user myuser --password mypass http://localhost:8080/path/to/thing > > in both cases (2.8.8/1.4 and 2.11.2/1.5.3) ? > > As far as I know, wget doesnt send the credentials on the first > request. Instead, it sends them only if it gets a 401 ("authorization > required") response. > > So it could be perfectly ok that you see no auth data at the > HTTPRequest breakpoint (if it is the first request). BTW, i think at > the > time your breakpoint is hit, there was no interaction with PAS. > > It seems, that your PAS doesnt challenge the client with a 401 > response. > > Have you activated the PAS "challenge plugin"? > > > \wlang{} > > -- > willi.langenber...@wu.ac.at Fax: +43/1/31336/9207 > IT-Services, WU Wirtschaftsuniversitaet Wien, Austria _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas