[mod_python] authenhandler woes

Brian Bird brian.bird at securetrading.com
Mon Oct 4 10:21:04 EDT 2004


Not sure what will happen if you turn off locking. However, I experienced
similar hangs when I first started using Session. It seemed to happen
whenever a single request tried to instantiate two new Session objects, the
second instantiation would usually (if not always) hang the script. No idea
why, but I re-wrote my code to only create one Session and it was fine.

Brian

-----Original Message-----
From: mod_python-bounces at modpython.org
[mailto:mod_python-bounces at modpython.org] On Behalf Of Todd Boland
Sent: 04 October 2004 00:36
To: mod_python user mailing list
Subject: Re: [mod_python] authenhandler woes


A bit of googling reveals this post by Grisha who recommended passing 
lock=0 when instantiating the session:

http://www.modpython.org/pipermail/mod_python/2004-April/015374.html

This fixes my problem but I am unaware of the implications of turning 
session locking off. Can anyone explain them?

Todd

On Oct 3, 2004, at 6:26 PM, Todd Boland wrote:

> I've created a mod_python authenhandler which sets some session data.
> It works perfectly for the initial request. Unfortunately, all 
> subsequent requests hang on the line I marked with a > character. 
> Anyone have any ideas?
>
> The behavior  I'm experiencing is as if the handler was waiting for a
> lock to be released on the session dbm file. I'm using mod_python 
> 3.1.3 with Python 2.3.4
>
> from mod_python import apache, util
> from mod_python.Session import Session
>
> def authenhandler(req):
>         password = req.get_basic_auth_pw()
>         username = req.user
>
> >        req.session = Session(req, secret="********")
>
>         if req.session.is_new() == True:
>                 from RPM.database import connection
>                 cursor = connection.cursor()
>
>                 try:
>                         cursor.execute("SELECT accounts.id AS
> account_id, users.id AS user_id, people.id AS person_id, 
> organizations.id AS organization_id, users.username AS username, 
> CONCAT(people.first_name, ' ', people.last_name) AS person_name, 
> organizations.name AS organization_name, people.email_address AS 
> email_address FROM accounts, users, people, organizations WHERE 
> users.person_id = people.id AND people.organization_id = 
> organizations.id AND accounts.organization_id = organizations.id AND 
> users.username = %s AND users.password = PASSWORD(%s)" % 
> (connection.escape(username), connection.escape(password)))
>
>                         req.session.update(cursor.fetchone())
>                         cursor.execute("UPDATE users SET last_login =
> NOW() WHERE id = %d" % req.session["user_id"])
>                         cursor.close()
>                         req.session.save()
>
>                 except(KeyError, AttributeError):
>                         req.log_error("Invalid password for %s" %
> req.user,
>                                 apache.APLOG_NOTICE )
>                         return apache.HTTP_UNAUTHORIZED
>
>         return apache.OK
>
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org 
> http://mailman.modpython.org/mailman/listinfo/mod_python
>

_______________________________________________
Mod_python mailing list
Mod_python at modpython.org
http://mailman.modpython.org/mailman/listinfo/mod_python



More information about the Mod_python mailing list