On Mon, Jan 4, 2010 at 11:57 AM, James Gardner <ja...@pythonweb.org> wrote:
> One tip though, I now believe using exceptions to trigger the 401 and > 403 responses and then intercepting them in WSGI middleware is not a > good design pattern. New code I'm working on generates a normal > response in the authorization decorators or whereever the check fails > instead of in the WSGI middleware. Interesting. Does this mean that you return a 200 status for bad auth, or that you return 400 status errors and tell the StatusCodeRedirect not to eat those 40x code errors? I know that this was argued about at some length on the list a year ago or so... don't want to re-hash that discussion. Just wondering what your new recommendations are.--
You received this message because you are subscribed to the Google Groups "pylons-discuss" group.
To post to this group, send email to pylons-disc...@googlegroups.com.
To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.