Hi Massimo Here are the steps to reproduce this problem in web2py 1.99.2 (these steps worked fine on 1.98.x versions)
1) In web2py admin create "New simple application" called "foo" 2) Add to db.py: auth.settings.allow_basic_login = True 3) Decorate call() with @auth.requires_login in default.py: @auth.requires_login() def call(): ... 4) Add a simple XMLPRC method to default.py: @service.xmlrpc def multiply(a=1,b=1): return dict(answer=int(a) * int(b)) 5) Register a user with email "bob.sm...@foo.com" password "snowball" 6) From a python shell use ServerProxy to invoke the service > from xmlrpclib import ServerProxy > server = > ServerProxy('http://bob.sm...@foo.com:snowball@localhost:8000/foo/default/call/xmlrpc', > verbose=True) > server.multiply(2, 2) ... reply: 'HTTP/1.1 303 SEE OTHER\r\n' ... Cheers, Rob On Oct 22, 2:59 am, Massimo Di Pierro <massimo.dipie...@gmail.com> wrote: > Can you provide an example to reproduce the problem? > > On Oct 21, 12:38 am,RobinMarshall<robin.d.marsh...@gmail.com> > wrote: > > > > > > > > > Hi, > > > Just wanted to say that we found a bug in 1.99.2 when using XMLRPC > > services with the @auth.requires_login decorator using basic > > authentication. > > > It looks like some code was refactored out of requires_login into a > > generic requires method which might be the cause of the problem. > > > A quick hack was to change the following code, but obviously that > > won't work very well for people who aren't using basic authentication. > > > def is_logged_in(self): > > """ > > checks if the user is logged in and returns True/False. > > if so user is in auth.user as well as in session.auth.user > > """ > > if self.user: > > return True > > return False > > > to: > > > def is_logged_in(self): > > """ > > checks if the user is logged in and returns True/False. > > if so user is in auth.user as well as in session.auth.user > > """ > > if self.basic() and self.user: > > return True > > return False > > > Cheers, > >Robin