[Zope-CMF] A bit of a glitch with FTP PUT

seb bacon seb@jamkit.com
Mon, 21 May 2001 13:50:41 +0100


* Tres Seaver <tseaver@novacoxmail.com> [010521 13:03]:
> > I've been struggling with the WebDAV, myself.  I mentioned last week
> > that one problem is that CookieCrumbler does redirection when
> > Unauthorized is raised, which breaks WebDAV.  FWIW, although it's not
> > exactly a watertight solution, I've found the attached works with all
> > the clients I've tested it on.  And I can't think of any other way
> > round it, unfortunately.
> 
> The simpler workaround is to clear the "auto_login_page" property of
> the CookieCrumbler;  this disables its "eager redirect" behavior.
> I do want a better solution;  one possibility is to have the publisher
> hack some additional state into the REQUEST if it arrives on the
> "WebDAV source port".

Thing is, I *like* the eager redirect behaviour of the CookieCrumbler -
linking to non-public documents is likely to be a common scenario,
and this makes all the authentication a bit more pleasant. 

I'm not too keen on forcing people to use a non-standard port, either
- wouldn't it confuse the majority of users?  Although it's
fairly nasty, the strategy of checking for DAV headers is already
present in Zope, so would it be so bad to extend it to the CMF?
However, it's the least appealing solution to any problem I've ever
seen, so maybe not ...;)
 
> Thanks for the feedback!  WebDAV and FTP fixes are probably the last
> stuff on the radar for a 1.1;  I'm hoping to cut a beta by Friday.

Great!  I'm looking forward to it...

seb