[Zope-PAS] challenge branch ready for review
mhammond at skippinet.com.au
Thu Oct 14 06:13:42 EDT 2004
> This only overrides _unauthorized(), which means that
> _exception() will
> then later in the chain perform a HTTP Basic auth no matter what. You
> need to override _exception *and* _unauthorized, like is done in HEAD
> for the moment.
Are you sure about that? I could disable all HTTP auth with that branch.
It is response._unauthorized which sets up this authentication, and that is
exactly what we override. I don't believe there was any reason to override
More information about the Zope-PAS