[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
fix several pbs:
* we need a session id and a session cookie anyway, else subsequent http queries are unrelated
* this imply some changes in the session attribution workflow for session without a cnx
* some views/selectors must be fixed for cases where session has no cnx
On the way, avoid unnecessary Redirect on successful login.
closes #750543
# copyright 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr## This file is part of CubicWeb.## CubicWeb is free software: you can redistribute it and/or modify it under the# terms of the GNU Lesser General Public License as published by the Free# Software Foundation, either version 2.1 of the License, or (at your option)# any later version.## CubicWeb is distributed in the hope that it will be useful, but WITHOUT# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more# details.## You should have received a copy of the GNU Lesser General Public License along# with CubicWeb. If not, see <http://www.gnu.org/licenses/>.fromlogilab.common.deprecationimportclass_renamed,class_movedfromcubicweb.serverimporthookSystemHook=class_renamed('SystemHook',hook.Hook)PropagateSubjectRelationHook=class_renamed('PropagateSubjectRelationHook',hook.PropagateSubjectRelationHook)PropagateSubjectRelationAddHook=class_renamed('PropagateSubjectRelationAddHook',hook.PropagateSubjectRelationAddHook)PropagateSubjectRelationDelHook=class_renamed('PropagateSubjectRelationDelHook',hook.PropagateSubjectRelationDelHook)Hook=class_moved(hook.Hook)