On Mon, 2011-01-03 at 02:19 -0800, mgemmill wrote: > Hi, > > I ran into a small snag while using pyramid beaker session and pyramid > security. I've setup a Forbidden exception handler which in turn > redirects to either an error view (i.e. they're logged in, but lack > credentials) or back to the login view (if they're not logged in). I > was using session.flash within the forbidden handler so as to pass the > error messages on to the view, but found the messages were not > persisting. Turns out that the beaker session object's callback will > drop the session if the request has an exception attribute (so the > session never saves). I fixed the matter by just deleting the > exception attribute from the request, but I'm wondering if there is a > better approach. It seems reasonable under actual error conditions > that you'd want to drop any session updates by default, but at the > same time is seems to me that message flashing would be useful in this > situation as well. Has anyone else ran into a similar situation? > Should I perhaps be doing something different?
The built-in session factory allows you to control this behavior by passing the session factory config a "cookie_on_exception" value. If it's true, cookies are set when an exception is encountered. By default, it's false. We could try to add something like that to the pyramid_beaker session factory too. - C > > Cheers, > Mark > -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-de...@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
