[Zope] - Forcing re-authentication

Hannu Krosing hannu@trust.ee
Tue, 26 Jan 1999 16:56:01 +0200


Pieter J. Kersten wrote:
> 
> I'm having some problems in my ZPublisher application concerning
> authentication.
> 
> In short it compiles to the following:
> - When a user connects to the application, an authentication is forced and the
> user logs in.
> - After a while, if the user wants to re-authenticate (in order to use a
> different userid), he/she has to close the browser in order to get a new login
> window.
> 
> This is considered painfull.
> Is there a way to force re-authentication without leaving the browser
> (Mozilla)?

I have been told that this can be done by changing the Domain (defined
by __bobo_realm__
in bobo, probably the same in Zope ?)

But how to change __bobo_realm__ on the fly, at the right time and 
per-user basis I have not yet figured out.

If you can accept irritating your users with An authentication error
AlertBox,
you can probably just manually have your __allow_groups__ function to
deny access 
for certain urls.

------------------
Hannu