|
Graham Dumpleton
graham.dumpleton at gmail.com
Mon Sep 24 06:46:47 EDT 2007
On 24/09/2007, Arnar Birgisson <arnarbi at gmail.com> wrote: > Hello Graham, > > On 9/24/07, Graham Dumpleton <graham.dumpleton at gmail.com> wrote: > > Does it have to be configurable from Apache configuration, could you > > just do it all in the Python script? > > Yes, I could do it all from a python script - any way that works :) > > > So, we don't even use auth/authz for this bit, but just use a fixup handler. > > *goes to read about fixup-handlers* > > Can I return apache.HTTP_UNAUTHORIZED from a fixup-handler to make the > browser request username/passwd? Technically you can. The issue will be that if you have defined AuthType etc then the earlier auth handler phase may result in it not getting that far. When reading about fixup handlers, the main point to realise is that for a authen handler you have: * Where multiple handlers are specified, if any handler in the sequence returns a value other than apache.DECLINED, then execution of all subsequent handlers for this phase are aborted. For a fixup handler you instead have: * Where multiple handlers are specified, if any handler in the sequence returns a value other than apache.OK or apache.DECLINED, then execution of all subsequent handlers for this phase are aborted. This is referred to as RUN_FIRST as opposed to RUN_ALL. Ie., run until first one returns and says it has done something, versus run all until an error. The other difference is purely the ordering of the phases and the notional purpose of each phase. If you really want to go deeply into understanding the difference, read: http://www.fmc-modeling.org/category/projects/apache/amp/4_4Request_Response_Loop.html Graham
|