|
Olaf Stein
steino at ccri.net
Sun Apr 15 15:30:59 EDT 2007
Hi all,
I am relatively new to mod_python and tried to find some online docs in this
topic, have not been very successful though.
Here is the scenario:
I have an app residing with htdocs/apps
Http.conf entries
-------
<Directory /usr/local/apache/htdocs/apps/>
SetHandler mod_python
PythonHandler mod_python.publisher
PythonDebug On
</Directory>
-------
My html templates are sitting outside apps in /usr/local/apache/htdocs/tmpl
and I read those from there.
I also have a folder /usr/local/apache/htdocs/files where I copy files
uploaded by the users.
Now, obviously both these directories are viewable with a browser with no
restrictions (assuming one knows the entire path to a file, including the
file name).
I do not want anybody to have access those files without going through the
app.
I protected the directories with htaccess.
Now I have the problem that the browser wants a username and password when
the app loads the templates.
The questions are then:
- Does this setup make sense at all or should I place those folders and
files somewhere else (e.g within the app handler folder).
- If this makes sense, how can I access the files from within the app
without having to enter credentials (basically going around the
authentication process)
Thanks in advance
Olaf
|