When you say "the client is still sending the username/password". I
don't use cookies
but, because I only use relative urls, Zope seems to maintain the same
security "context" thoughout the "session" (a relative url would be href
= "dir1\dir2"). I am looking for some way to refresh this security
"context" to use the new password.
It is really confusing for the login to pop up at this point-
particularly because
it looks like it is asking for permissions to change the password (
needs OLD password)
Clark
-----Original Message-----
From: Behrens Matt - Grand Rapids [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 25, 2001 10:09 AM
To: Clark OBrien
Cc: '[EMAIL PROTECTED]'
Subject: Re: [Zope-dev] login prompt after letting user change his
password.
Clark OBrien wrote:
> Hi all
> I have written some code to alow a user to change his password (below)
>
> The problem is that after executing this code the login dialog pops
up.
>
> The login requires the user to enter his NEW password.
There is absolutely nothing wrong with that.
Basic authentication works by sending the username and password with
each request. You've changed the password on the server, but the client
is still sending the old password, which doesn't authenticate them any
longer.
The user'd have to do it sometime, why not right after their password is
changed?
BTW, the proper forum for this type of question is the main Zope mailing
list, <[EMAIL PROTECTED]>.
--
Matt Behrens <[EMAIL PROTECTED]>
System Analyst, Baker Furniture
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
