From 0dd8088ae9eadc86d94aabcbf69ab1b079ed34c3 Mon Sep 17 00:00:00 2001
From: Tres Seaver <tseaver@agendaless.com>
Date: Sat, 09 May 2009 00:21:40 +0200
Subject: [PATCH] Added 'passthrough_challenge_decider', which avoids re-challenging 401 responses which have been "pre-challenged" by the application.

---
 docs/narr.rst |   13 ++++++++++---
 1 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/docs/narr.rst b/docs/narr.rst
index c1e7f70..62aaad0 100644
--- a/docs/narr.rst
+++ b/docs/narr.rst
@@ -27,9 +27,10 @@
 themselves as willing to participate in identification and
 authorization for a request based on this classification.  The request
 classification system is pluggable.  :mod:`repoze.who` provides a
-default classifier that you may use.  You may extend the
-classification system by making :mod:`repoze.who` aware of a different
-request classifier implementation.
+default classifier that you may use.
+
+You may extend the classification system by making :mod:`repoze.who` aware
+of a different request classifier implementation.
 
 Challenge Deciders
 ------------------
@@ -38,6 +39,12 @@
 response returned from a downstream application requires a challenge
 plugin to fire.  When using the default challenge decider, only the
 status is used (if it starts with ``401``, a challenge is required).
+
+:mod:`repoze.who` also provides an alternate challenge decider,
+``repoze.who.classifiers.passthrough_challenge_decider``, which avoids
+challenging ``401`` responses which have been "pre-challenged" by the
+application.
+
 You may supply a different challenge decider as necessary.
 
 Plugins

--
Gitblit v1.9.3