|
StianSøiland
stian at soiland.no
Fri Nov 7 11:00:13 EST 2003
On 2003-11-06 21:28:14, Svenne Krap wrote:
> The second problem, having the http-authorization-dialog popping up is
> still not resolved... Any thoughts ?
We've found out with 3.1.2b that the AuthenHandler-thingie is not fully
functional.
We tried the simple example from the documentations, and even made it
simpler:
.htaccess
---------
PythonPath "['/our/libs'] + sys.path"
PythonAuthenHandler Cerebrum.web.login
AuthType Basic
AuthName "Cerebrum"
require valid-user
Cerebrum/web/login.py
---------------------
from mod_python import apache
def authenhandler(req):
pw = req.get_basic_auth_pw()
user = req.user
if user != "":
return apache.OK
return apache.HTTP_UNAUTHORIZED
This failed with a 500 Server Error. Watching the apache log reveals a
hint:
[Fri Nov 07 10:49:42 2003] [error] [client 129.241.56.39]
python_handler: After PythonAuthenHandler req->user is NULL. Assign
req.user to avoid this error.
This seems weird.. modifing the function:
def authenhandler(req):
req.user = ""
pw = req.get_basic_auth_pw()
user = req.user
if user != "":
return apache.OK
return apache.HTTP_UNAUTHORIZED
This works perfect, the login dialog appears, and disappears if any
login name is entered.
Now - why should req.user need to be set first?
Even the simplest handler:
def authenhandler(req):
return apache.HTTP_UNAUTHORIZED
fails.. but if req.user = "" is set, it works.
--
Stian Søiland Work toward win-win situation. Win-lose
Trondheim, Norway is where you win and the other lose.
http://www.soiland.no/ Lose-lose and lose-win are left as an
exercise to the reader. [Limoncelli/Hogan]
|