Hi, all.
http://docs.pylonsproject.org/projects/pyramid/en/1.2-branch/tutorials/wiki2/authorization.html
I think there's an error in the "Adding Authorization" authorization
part. In login.py, login() should return in the dict:
url = request.url,
instead of:
url = request.application_url + '/login',
because the login view having
context='pyramid.httpexceptions.HTTPForbidden' will never match a POST
to /login, resulting a HTTP 404 Not Found when the form is submitted.
Second, I think HTTPForbidden isn't appropriate because when a user
isn't authorized, it's not a HTTP Forbidden (403) taking place, but
rather an application-level HTTP 200 Ok requiring to submit user
credentials.
--
You received this message because you are subscribed to the Google Groups
"pylons-devel" group.
To post to this group, send email to pylons-devel@googlegroups.com.
To unsubscribe from this group, send email to
pylons-devel+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/pylons-devel?hl=en.
