[mod_python] Setting req->user for mod_dav_svn

Deron Meranda deron.meranda at gmail.com
Tue Aug 1 01:45:38 EDT 2006


On 7/31/06, Graham Dumpleton <grahamd at dscpl.com.au> wrote:
> Deron Meranda wrote ..
> > I am using a PythonAccessHandler for all my authentication and
> > authorization needs; ...
>
> Are you using PythonAccessHandler at same time as PythonHandler?
> Aren't you seeing the hideously bad memory leak finally uncovered
> in the past day?

Yes, I use both, but I haven't really investigated if the leak bug is
hitting me yet.  I will look.  All of my requests go through a
PythonAccessHandler, and probably about 80% of them also go through
PythonHandler.  For some URLs I also use a multiple chained handler,
something like

  PythonAccessHandler one::accesshandler
  PythonHandler one::handler two::handler

The two phases communicate by pushing extra custom members into the
mod_python req object.  I also have a mix of different
PythonInterpreters too.

> > But I'm now trying to set up a subversion mod_dav_svn module...
> >
> > Can I set the req->user member from within mod_python (the docs
> > say it is read-only),
>
> In 3.2.8+ it is writable, the documentation is wrong. The documentation
> in 3.3 is correct.

Yes, after looking through the code I noticed it was a writable
member.  But I still had some doubt that I was overlooking something
because of the docs.  I should be able to verify tomorrow if this is
enough for mod_dav_svn.

> Using 3.2.10, you will have to continue to use an PythonAccessHandler to do
> what you want anyway, as it is impossible with mod_python prior to 3.3 to write
> a correct authentication handler in the style that they are supposed to be
> written when using Apache.

Yes, I am aware of the many missing features and am glad you've been
working so hard adding those in.  Of course I'll also want to
eventually migrate up to Apache 2.2 as well.  The more modular auth
stuff, and its provider hooks, look quite useful.

> Anyway, the only place I can think you might have problems is if subversion
> expects req.ap_auth_type to be set correctly as you will not have that ability
> when using mod_python 3.2.10.

I don't think svn cares about the auth_type, but I'll find out soon enough.

There's a second, optional, subversion module mod_authz_svn which
provides fine grained access control for different branches, etc.  I
don't know how mod_python may interact with it (especially since it
runs during the authz phase too).  But at least in my case that's not
too important; because my own mod_python handler can do all the access
control decisions I need.

Thanks Graham.
-- 
Deron Meranda


More information about the Mod_python mailing list