diff options
| author | Volker Diels-Grabsch <v@njh.eu> | 2017-06-09 14:48:54 +0200 |
|---|---|---|
| committer | Volker Diels-Grabsch <v@njh.eu> | 2017-06-09 14:48:54 +0200 |
| commit | 5067ffcf19a8659777406b06485fefc75404f2fa (patch) | |
| tree | 4e072c718a77092d1abcd6a22b8b64e2a65af1e3 | |
| parent | 7b3249dff86b4359508897c77dea6aa75421b052 (diff) | |
| download | pyramid-5067ffcf19a8659777406b06485fefc75404f2fa.tar.gz pyramid-5067ffcf19a8659777406b06485fefc75404f2fa.tar.bz2 pyramid-5067ffcf19a8659777406b06485fefc75404f2fa.zip | |
Fix forbidden_view for BasicAuthAuthenticationPolicy (#3066)
| -rw-r--r-- | CONTRIBUTORS.txt | 2 | ||||
| -rw-r--r-- | pyramid/authentication.py | 10 |
2 files changed, 8 insertions, 4 deletions
diff --git a/CONTRIBUTORS.txt b/CONTRIBUTORS.txt index cbee08d0d..445536e9e 100644 --- a/CONTRIBUTORS.txt +++ b/CONTRIBUTORS.txt @@ -302,3 +302,5 @@ Contributors - Jeremy(Ching-Rui) Chen, 2017/04/19 - Fang-Pen Lin, 2017/05/22 + +- Volker Diels-Grabsch, 2017/06/09 diff --git a/pyramid/authentication.py b/pyramid/authentication.py index 03b204e1a..445d6fcd2 100644 --- a/pyramid/authentication.py +++ b/pyramid/authentication.py @@ -1084,10 +1084,12 @@ class BasicAuthAuthenticationPolicy(CallbackAuthenticationPolicy): from pyramid.view import forbidden_view_config @forbidden_view_config() - def basic_challenge(request): - response = HTTPUnauthorized() - response.headers.update(forget(request)) - return response + def forbidden_view(request): + if request.authenticated_userid is None: + response = HTTPUnauthorized() + response.headers.update(forget(request)) + return response + return HTTPForbidden() """ def __init__(self, check, realm='Realm', debug=False): self.check = check |