Hi,

I'm trying to create an authorization scheme in Araneida. Basically whenever a location in my URL space is called I want to check whether the user is authorized and redirect to a login page if he isn't.

I found this post on usenet: http://groups.google.com/group/comp.lang.lisp/browse_thread/thread/a69905676...

According to this post, the generic function "request-authorized-p" is called for every request to determine whether a client is authorized.

To test this, I've got:

============= snip ================== (defclass root-page-handler (araneida:handler) ())

(defmethod request-authorized-p ((araneida:handler root-page-handler) method request) (format t "not authorized"))

(defmethod request-not-authorized ((araneida:handler root-page-handler) method request) (araneida:request-redirect request *login-urlstring*))

(defmethod handle-request-response ((araneida:handler root-page-handler) method request) (araneida:request-send-headers request) (araneida:html-stream (araneida:request-stream request) `(html (body (p "logged in")))))

(defparameter *root-page-handler-instance* (make-instance 'root-page-handler))

(araneida:install-handler (http-listener-handler *listener*) *root-page-handler-instance* *app-urlstring* t) ============= snip ==================

So, I've got request-authorized-p on class root-page-handler. However, I find that this method is never called by Araneida; instead, handle-request-response is still called.

What gives? What am I missing?

Joubert