[mod_python] Re: more callable__auth__

Graham Dumpleton grahamd at dscpl.com.au
Fri Feb 24 19:59:01 EST 2006

Please keep followups on mailing list. :-(

On 25/02/2006, at 11:28 AM, Robert Thomas Davis wrote:

> Graham
> ...finally got everything up and running with the new
> version :)  Now I get a NameError exception on the
> call to validate_user (which, at least, is a step in
> the right direction)!!
> Do you have any suggestions as to what would be a
> better way to structure this so I don't encounter that
> issue?  Basically what I am trying to accomplish is
> the following...
> There will be more defs in index.py (like the devices
> def) whose contents I want to protect.  I want to
> ensure that the user will have to enter their
> user/passwd anytime attempts are made to access these
> functions (unless the current session is still valid
> of course).  After reading that article you references
> it seems I would need to move the validate_user
> function to an outside module and then import it
> inside the def __auth__()??

Personally I wouldn't use the mod_python.publisher authentication,
but that is a topic for another time.

If you must use the mod_python.publisher support for basic  
then use a wrapper class to do it. If you have Python 2.4, you could  
use decorators for the purpose to make it a really clean solution.

Basic code is:

   from mod_python import apache

   class Restricted:
     def __init__(self,method,realm="Restricted Access"):
       self.__call__ = method
       self.__auth_realm__ = realm
     def __auth__(self,req,user,password):
       return user == "mickey" and password == "mouse"

   def index(req):
     return "index"

   def page1(req):
     return "page1"

   def page2(req):
     return "page2"

   page2 = Restricted(page2)

The "Restricted" class acts as a wrapper around the published function.
The auth functions are actually in the wrapper class. Because the  
class is at global scope, you don't have the problem with nested  
that you are seeing.

I don't have Python 2.4, so can't give you a solution which uses  
but I am sure that someone else on the mailing list who has and  
decorators could provide so code pretty quick. The ideas with decorators
is you should be able to setup the code so all you need to do is  

   def index(req):
     return "index"

   def page1(req):
     return "page1"

   def page2(req):
     return "page2"

The decorator would do the magic of wrapping the function for you  
To me this would be a really clean solution, although possibly  
restricted to use
of functions.

Anyone want to step up and provide a decorator solution for this?

> Also, do any RPMs exist for these more recent versions
> of mod_python OR is there a documented procedure for
> building a mod_python RPM from the recent releases?

I imagine someone will put together an RPM for 3.2.7/3.2.8
at some stage. This is usually done by someone attached to
the maintainers of the Linux distribution and not the mod_python
folks though.


> --- Graham Dumpleton <grahamd at dscpl.com.au> wrote:
>> Robert Thomas Davis wrote ..
>>> Graham
>>> Sorry...your replies were be sent to the "bulk"
>>> folder...glad I checked it before just deleting
>> all!
>>> I am using mod_python 3.1.3 with apache 2.0.53 on
>>> Fedora Core 3.
>> Any chance you can upgrade to mod_python 3.2.7? I
>> really can't find
>> any problem with the basic structure of what you are
>> doing, but there
>> have been fixes to publisher in 3.2.7 that may mean
>> I am not seeing
>> the problem.
>>> The url I use to access the "devices" page (the
>> one I
>>> would like to protect) is
>> http://localhost/devices.
>>> I do agree about having the info on the mailing
>> list
>>> so others could learn from it; maybe we can post
>> the
>>> results.
>> The ongoing discussion is also useful, as the actual
>> debugging process
>> itself can be just as useful as the final result.
>> Thus, use reply-all.
>> Graham
>>> Thanks,
>>> --- Graham Dumpleton <grahamd at dscpl.com.au> wrote:
>>>> BTW, I can't seem to find that you have ever
>> said
>>>> exactly which version
>>>> of mod_python you are using. Are you using the
>>>> latest version?
>>>> Graham
>>>> Graham Dumpleton wrote ..
>>>>> Still generally prefer it to be on the mailing
>>>> list as other people can
>>>>> learn from it and it is in the mailing list
>>>> archive as well, so people
>>>>> down the track may find it as well and it may
>>>> solve a problem for
>>>>> them also.
>>>>> One more question. What URLs are you using to
>>>> access the resources
>>>>> so I can relate that properly to the Apache
>>>> configuration and the
>>>>> published functions in the file?
>>>>> Graham
>>>>> Robert Thomas Davis wrote ..
>>>>>> Hell graham
>>>>>> I really appreciate your help with
>> this...and
>>>> since
>>>>>> you have been the only one responding I
>> thought
>>>> I
>>>>>> might as well just mail you the files in
>>>> question
>>>>>> (index.py and httpd.conf, attached as a
>> .tgz)
>>>>>> The file index.py would normally live in the
>>>>>> directory:
>>>>>> /usr/local/lap/http/
>>>>>> Based on your last reply I am wondering if
>> it is
>>>> my
>>>>>> httpd.conf file that is setup incorrectly (i
>> do
>>>> not
>>>>>> get the 500 error at all).  When the
>> enclosed
>>>> code
>>>>>> gets executed it appears as though it skips
>>>> right over
>>>>>> the nested __auth__ fuction.  However, if
>> that
>>>>>> function is moved to the module scope
>> (index.py)
>>>> it
>>>>>> always gets called and subsequently calls
>> the
>>>>>> validate_users function.
>>>>>> Again...your help is much appreciated.
>>>>>> Rob
>> _______________________________________________
>>>>> Mod_python mailing list
>>>>> Mod_python at modpython.org
> http://mailman.modpython.org/mailman/listinfo/mod_python

More information about the Mod_python mailing list