[mod_python] whole site handlers and authentication

Richard Lewis richardlewis at fastmail.co.uk
Tue Nov 14 07:34:39 EST 2006

Hi there,

I'm thinking of providing an HTTP interface for database editting and was 
wondering about how to use authentication.

Currently, my mod_python MySQL-backed site uses a handler inside a VirtualHost 
which handles all requests like this:

<VirtualHost [ipaddr]:80>
    ServerName www.sara.uea.ac.uk
    DocumentRoot /var/webapps/sara

    SetHandler mod_python
    PythonPath 'sys.path+["/var/webapps/sara"]'

    PythonHandler sara.web

meaning that all requests are handled by the sara.web module. (This module 
uses URI regular expression pattern matching etc. etc. so request URI paths 
don't map to the server directory layout in any way.)

I plan to implement a URI-controlled API where all "commands" will begin 
with "/edit/". And I want to provide authentication for these commands (I 
have a MySQL user database). Because I have this "whole site" handler, will 
it be possible to use standard authentication directives? And will it be 
possible to use the Directory directive for "/edit/" requests, as I don't 
have actual directories?

If not, will it be possible to implement authentication manually with 
mod_python using the HTTP specification:

Any thoughts?

Richard Lewis
Sonic Arts Research Archive
JID: ironchicken at jabber.earth.li

More information about the Mod_python mailing list