[Zope-PAS] Challengers (and Zope 3)
mhammond at skippinet.com.au
Thu Sep 30 19:17:41 EDT 2004
> In Zope 3, this is done by the exception view by the
> Unauthorized Exception.
> If challengers need to be able to do this, then we will
> probably need to
> add better apis for response manipulation, which we probably
> need anyway.
> In Zope 2, the challenger might do this in the "is None" case
> as you suggest.
OK - that all sounds fine to me.
I see 2 remaining small issues:
* The semantics for redirection based protocols isn't clear to me. The only
reasonable solution I see would be for:
def challenge(self, protocol):
if protocol is None:
# do the redirect
# do nothing.
ie, do *not* try and piggy-back the same protocol the way challenge/response
based ones will. Is that what you had in mind?
* We should define the protocol IDs somewhere, so that an (eg) NTLM based
challenger is confident it has the same protocol as the (eg) HTTP one.
More information about the Zope-PAS