[issue8894] urllib2 authentication manager retries forever if password is wrong
New submission from jurjen Bos : If you use an authentication manager from urllib2, it will submit user code and password if authentication fails. However, if the password is wrong, the authentication manager will happily try again, again with the same password. A simple way to circumvent this is attached: it modifies the password manager's behaviour to submit each password only once. One problem I see is in cases where a program needs to log in multiple times in the same site: I propose an extra call to the password manager to reset the "visited" flag. More details and sample code are in the file. -- components: Library (Lib) files: circumvent.py messages: 107009 nosy: Jurjen priority: normal severity: normal status: open title: urllib2 authentication manager retries forever if password is wrong type: behavior versions: Python 2.6 Added file: http://bugs.python.org/file17545/circumvent.py ___ Python tracker <http://bugs.python.org/issue8894> ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue8894] urllib2 authentication manager retries forever if password is wrong
jurjen Bos added the comment: Yep you're right. In that thread they are talking about the exact same problem as I was having. Obviously, I didn't find that one when I was looking for the problem in the database before I posted this. I do have my doubts about the 5 retries they propose though, I am not sure that the web site I use will not block the account if someone does 5 attempts. - Jurjen -- ___ Python tracker <http://bugs.python.org/issue8894> ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue8797] urllib2 basicauth broken in 2.6.5: RuntimeError: maximum recursion depth exceeded in cmp
jurjen Bos added the comment: I would like to point out that this is not going to work if someone visits more than 5 sites with the same authentication manager. This would have to be documentated, at least. We could fix this by putting the retry counter in the HTTPPasswordMgr; it is not hard to put in an extra field in the password database with the retry counter. See also my remarks in issue8894 -- nosy: +Jurjen ___ Python tracker <http://bugs.python.org/issue8797> ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
