[Zope-CMF] WebDAV

Tres Seaver tseaver@zope.com
Thu, 16 Aug 2001 10:31:42 -0400


seb bacon wrote:

 > Lucas Hoffman asked:
 >

> > Does anybody  uses WebDAV together with CMF?  My clients (Cadaver and Amaya) 
> > do not manage to handle the redirection to the login screen.
> >
> > Or mayby, how do I instruct CMF to use basic authentication on the WebDAV 
> > port?
> 
> The ZC folks suggest removing the CookieCrumbler, which is a bit
> 'suboptimal' IMO.  The problem is, there's no real way of knowing if a
> client is webDAV or HTTP.  Most nix clients use the neon libs, and
> they say so in their user agent string, but you can't be sure they'll
> continue to do so, since it's not part of the spec.  I hacked together
> a version of CookieCrumbler which kind of works.  However, this
> approach is bound to end in tears... 
> 
> The other possibility, now that the WebDAV src port is officially
> defined, is just to turn off CookieCrumbling on that port.  Come to
> think of it, surely that's the best way.  However, it's not been done
> yet, to my knowledge.

We've made a couple of laregly unsuccessful tries at that.  Our
current workaround is to leave the CookieCrumbler in place, but
clear out its "Auto login form" property;  in this scenario, the
CC won't redirect requests which raise "Unauthorized" to the login
form, and so Cadaver et. aliae work.


-- 
===============================================================
Tres Seaver                                tseaver@zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com