zopefoundation / Zope

Zope is an open-source web application server.
https://zope.readthedocs.io

Exception view for Unauthorized exceptions not working #943

Closed dataflake closed 3 years ago

dataflake commented 3 years ago

BUG/PROBLEM REPORT (OR OTHER COMMON ISSUE)

It looks like registering a view for Unauthorized doesn't work correctly due to the way Unauthorized is handled in the WSGI publisher. The view will get called correctly, but in https://github.com/zopefoundation/Zope/blob/master/src/ZPublisher/WSGIPublisher.py#L212:L216 any response status the view may have set, such as a 302 redirect, is overwritten by the status from the exception, which is 401 Unauthorized. This will cause the browser to pop up the basic HTTP authentication box.

What I did:

Registered a view for Unauthorized; the view code attempts to redirect the browser to a login page (example taken from Products.CMFDefault):

  <browser:page
      for="zExceptions.Unauthorized"
      layer="Products.CMFDefault.interfaces.ICMFDefaultSkin"
      name="index.html"
      class=".authentication.UnauthorizedView"
      permission="zope.Public"
      />

What I expect to happen:

The login page should show when I browse to a page I don't have enough privileges for.

What actually happened:

The browser pops up a basic HTTP authentication prompt.

What version of Python and Zope/Addons I am using:

Zope 4.x branch on Python 2
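
A simplified model of the sequence this report describes, added here as an illustration; it is not code from the issue or from Zope's `WSGIPublisher`, and every class and function name, the `/login_form` URL and the `WWW-Authenticate` value are assumptions. It compares what the exception view asked for with what the browser receives once the exception's status is written afterwards.

```python
"""Simplified model of the sequence in this report. NOT Zope's publisher code:
every class and function name here is hypothetical."""

class Unauthorized(Exception):
    """Stand-in for zExceptions.Unauthorized, which maps to HTTP 401."""
    status = 401

class Response:
    def __init__(self):
        self.status = 200
        self.headers = {}

    def redirect(self, location):
        self.status = 302
        self.headers["Location"] = location

def unauthorized_view(exc, response):
    """Exception view that sends the browser to a login page (constructed URL)."""
    response.redirect("/login_form")

def handle_exception(exc, response, view):
    """Order described in the report: the view runs, then the exception's
    status replaces whatever status the view set."""
    view(exc, response)
    response.status = exc.status
    # Assumption: the 401 goes out with a Basic challenge, which is what
    # makes a browser show its credential prompt.
    response.headers["WWW-Authenticate"] = 'Basic realm="Zope"'
    return response

def browser_reaction(response):
    """What a browser does with the final status and headers."""
    if response.status == 401 and "WWW-Authenticate" in response.headers:
        return "basic auth prompt"
    if response.status in (301, 302, 303, 307) and "Location" in response.headers:
        return "follow redirect to " + response.headers["Location"]
    return "render body"

def run():
    exc = Unauthorized("not enough privileges")
    view_only = Response()
    unauthorized_view(exc, view_only)  # what the view asked for
    published = handle_exception(exc, Response(), unauthorized_view)
    return browser_reaction(view_only), browser_reaction(published)

if __name__ == "__main__":
    print(run())
```

In the model the `Location` header set by the view is still present on the final response, but the 401 status and challenge decide what the browser does.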

icemac commented 3 years ago

See #944 for a resolution to this problem which does not require changes in Zope itself.