[Zope-PAS] Struggling with 'challenge' support.

Lennart Regebro regebro at nuxeo.com
Thu Sep 23 06:40:09 EDT 2004

Lennart Regebro wrote:
> Trapping "raise Unauthorized" and making that into a 
> generic challenge behaviour will require replacing response.exception 
> completely.

A fairly simple change will do it, but it is, as usual, in the middle of 
a big fudging method. :(

I replaced exception() with a version that instead of calling 
_unathorized call pas.challenge(), and then simply does a "return 
response" afterwards. That works but, but... It's not very neat and will 
  ignore any 'fatal' setting, and so on...

Possible solutions:

The challenge doesn't actually change the response, but returns a 
dictionary of headers and a body.

Or, it return t and v, where t is the response type, that is 401 or 302, 
or whatever, and v is the url in the case of a redirect and the body in 
the case of a 401. That means you don't actually change the response 
directly, but you still have pretty good control over it. For example, 
it is possible to just return  a login form (as opposed to redirecting 
to it).

Thoughts on this?

Man, I need coffee.

More information about the Zope-PAS mailing list