Logged In: YES
user_id=261020
Hmm, on second thoughts: use of module logging only solves
the debugging problem. People may want to programatically
handle failure of authentication (and, say, report to the
user "authentication failed, you entered the wrong username
or password", or "authentication failed: hash algorithm YYY
not implemented").
That doesn't make applying this patch a bad idea, because
the HTTPDigestAuthHandler ValueError is not useful for that
purpose. People wanting to handle this at run time can
(already) and should catch the HTTPError that will
eventually be raised when no handler handles the 40*
reponse. (although the bug addressed by this patch breaks
that in one very specific case, of course: where both digest
+ basic handlers are present, and a basic auth challenge is
received)
In summary, this patch should be applied, but we should also
, as an additional feature, think up some way of allowing
auth failure information to be reported by these handlers
(probably by stuffing the info into the HTTPError).
|