Log message for revision 65470:
- more fixing of manage_zmi_logout: Stop trying to be clever about the
referer - this simply cannot work. Calling RESPONSE.redirect will lead to
unexpected views being loaded and it destroys the 401 response code
that is needed to make the browser forget basic auth credentials.
Changed:
U PluggableAuthService/trunk/__init__.py
-=-
Modified: PluggableAuthService/trunk/__init__.py
===================================================================
--- PluggableAuthService/trunk/__init__.py 2006-02-25 20:21:06 UTC (rev 65469)
+++ PluggableAuthService/trunk/__init__.py 2006-02-25 20:21:17 UTC (rev 65470)
@@ -82,18 +82,18 @@
p = getattr(REQUEST, '_logout_path', None)
if p is not None:
return apply(self.restrictedTraverse(p))
+
acl_users = self.acl_users
+ realm=RESPONSE.realm
+ RESPONSE.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1)
+
if IPluggableAuthService.isImplementedBy(acl_users):
acl_users.resetCredentials(REQUEST, RESPONSE)
else:
- realm=RESPONSE.realm
- RESPONSE.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1)
raise Unauthorized, '<p>You have been logged out.</p>'
- referrer = REQUEST.get('HTTP_REFERER') # HTTP_REFERER is optional header
- if referrer:
- REQUEST['RESPONSE'].redirect(referrer)
- else:
- RESPONSE.setBody("""<html>
+
+ RESPONSE.setStatus(401)
+ RESPONSE.setBody("""<html>
<head><title>Logout</title></head>
<body>
<p>
_______________________________________________
Zope-CVS maillist - Zope-CVS@zope.org
http://mail.zope.org/mailman/listinfo/zope-cvs
Zope CVS instructions: http://dev.zope.org/CVS
- more fixing of manage_zmi_logout: Stop trying to be clever about the
referer - this simply cannot work. Calling RESPONSE.redirect will lead to
unexpected views being loaded and it destroys the 401 response code
that is needed to make the browser forget basic auth credentials.
Changed:
U PluggableAuthService/trunk/__init__.py
-=-
Modified: PluggableAuthService/trunk/__init__.py
===================================================================
--- PluggableAuthService/trunk/__init__.py 2006-02-25 20:21:06 UTC (rev 65469)
+++ PluggableAuthService/trunk/__init__.py 2006-02-25 20:21:17 UTC (rev 65470)
@@ -82,18 +82,18 @@
p = getattr(REQUEST, '_logout_path', None)
if p is not None:
return apply(self.restrictedTraverse(p))
+
acl_users = self.acl_users
+ realm=RESPONSE.realm
+ RESPONSE.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1)
+
if IPluggableAuthService.isImplementedBy(acl_users):
acl_users.resetCredentials(REQUEST, RESPONSE)
else:
- realm=RESPONSE.realm
- RESPONSE.setHeader('WWW-Authenticate', 'basic realm="%s"' % realm, 1)
raise Unauthorized, '<p>You have been logged out.</p>'
- referrer = REQUEST.get('HTTP_REFERER') # HTTP_REFERER is optional header
- if referrer:
- REQUEST['RESPONSE'].redirect(referrer)
- else:
- RESPONSE.setBody("""<html>
+
+ RESPONSE.setStatus(401)
+ RESPONSE.setBody("""<html>
<head><title>Logout</title></head>
<body>
<p>
_______________________________________________
Zope-CVS maillist - Zope-CVS@zope.org
http://mail.zope.org/mailman/listinfo/zope-cvs
Zope CVS instructions: http://dev.zope.org/CVS