Lennart Regebro wrote:
On 4/21/05, Chris Withers <[EMAIL PROTECTED]> wrote:
Aha, as does PAS I see. Does this mean RESPONSE.unauthorized should be a
responsibility of the user folder?
I think it should be, yes. Or, actually the responsibility of the user object.
Why the difference?
cheers,
Chris
-
On 4/21/05, Chris Withers <[EMAIL PROTECTED]> wrote:
> Aha, as does PAS I see. Does this mean RESPONSE.unauthorized should be a
> responsibility of the user folder?
I think it should be, yes. Or, actually the responsibility of the user object.
--
Lennart Regebro, Nuxeo http://www.nuxeo.com/
Sidnei da Silva wrote:
| >| 2. Is the above behaviour pluggable at all?
| >
| >Not at all.
|
| Should it be? Can it be without impacting on performance?
I don't think so. I would expect there's only one sane way to do it.
I'm not sure I agree, I've read lots of different views on this sort of
th
On 2005-04-20 11:20:26 -0400, Chris Withers
<[EMAIL PROTECTED]> said:
Sidnei da Silva wrote:
| 3. How does PAS handle failover from one authentication plugin to the next?
/me leaves slot for PAS experts to fill
Each attempt at authenticating a particular set of credentials gets a
crack, and eith
On Wed, Apr 20, 2005 at 04:20:26PM +0100, Chris Withers wrote:
| >| 2. Is the above behaviour pluggable at all?
| >
| >Not at all.
|
| Should it be? Can it be without impacting on performance?
I don't think so. I would expect there's only one sane way to do it.
| >| 4. What kicks off the authent
Sidnei da Silva wrote:
| Now, 5.2 is where I have the problem, since raising unauthorized
| anywhere in Zope traditionally pops up a basic auth box rather than
| returning standard_error_message with a 403 response which, as time goes
| by, I'm starting to think is what should really happen.
Ye