On Tuesday 29 April 2008, nixon wrote:
> in app.publication.zopepublication.py there are 2 methods.
> Maybe they are invoked in different scenarios, I am not sure.
> But at least one PAU auth for each request.
>     def callTraversalHooks(self, request, ob):
>         # Call __before_publishing_traverse__ hooks
>         notify(BeforeTraverseEvent(ob, request))
>         # This is also a handy place to try and authenticate.
>         self._maybePlacefullyAuthenticate(request, ob)
>     def afterTraversal(self, request, ob):
>         #recordMetaData(object, request)
>         self._maybePlacefullyAuthenticate(request, ob)

callTraverslHooks is called after any new object has been traversed in the 
traversal process. See zope.publisher.base.BaseRequest.traverse. 
afterTraversal is called in zope.publisher.publish.publish after all 
traversal is done. So yes, you would see multiple attempts to authenticate. 
Zope cannot guess that you end up at the same place.

As Roger suggestedm some caching might be good, if the credentials 
verification is expensive.

Stephan Richter
Web Software Design, Development and Training
Google me. "Zope Stephan Richter"
Zope3-users mailing list

Reply via email to