[Zope] (Zope's) authentication problem

Chris Withers chrisw@nipltd.com
Tue, 04 Sep 2001 13:01:30 +0100


Richard Barrett wrote:
> 
<snip>
> My note: the client "MAY preemptively ...", not MUST.
<snip>
> the credentials if the server issues a 401 challenge. However, for reasons
> known only to Zope's authors, when the contents of the "manage_main" frame
> are requested without credentials, Zope responds with a 302 Redirect rather
> than demanding authorization with a 401 response.
> This explains why Zope's default index_html contains the following
> (erroneous) note:
<snip>
> "NOTE: Some versions of Microsoft Internet Explorer, (specifically IE 5.01
> and early versions of IE 5.5) may have problems displaying Zope management
> pages. If you cannot view the management pages, try upgrading your IE
> installation to the latest release version, or use a different browser."
<snip>

> Maybe it is time to patch Zope so that it is RFC standards conformant ??

This is probably the best summary I've read on this issue...

cheers,

Chris