[mod_python] req.user always returns None

Mitesh Shah mshah at harpercollege.edu
Mon Feb 9 23:06:07 EST 2009 

>What is the original Apache configuration block you are using for
>authentication and where is the CGI script located?

Here is the conf block for the html directory (authentication dir):

****http.conf****
<Directory "/var/www/html">
	Options Indexes FollowSymLinks
	AllowOverride AuthConfig
	Order allow,deny
    	Allow from all
</Directory>
****http.conf****

Now the actual .htaccess and html files are in /var/www/html/gapps.

My python CGI is in /var/www/cgi-bin.


-----Original Message-----
From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com] 
Sent: Monday, February 09, 2009 9:52 PM
To: Mitesh Shah
Cc: mod_python at modpython.org
Subject: Re: [mod_python] req.user always returns None

2009/2/10 Mitesh Shah <mshah at harpercollege.edu>:
> Sorry for the confusion.  Well it was initially a CGI and then I
learned
> about mod_python.  Right now I haven't made any changes to the CGI
until
> I learn how mod_python works.  And all I need is the username and not
> the full name.  When I tried -- os.environ["REMOTE_USER"] -- it never
> returned anything.  I think I'm just having a hard time understanding
> the logistics of mod_python.

If you are using os.environ["REMOTE_USER"] inside mod_python handler
it will not work. Only relevant to CGI scripts. Just making sure we
are talking about same thing here.

> I call an html and ask for authentication, this should set the cgi
> variable but since my python CGI is calling python (#!/usr/bin/python)
> separately, I don't think it can access the username from the initial
> authentication.

If you mean that the first line of your CGI script has that line, then
that is normal and how UNIX knows what interpreter to run for the
contents of the script.

If REMOTE_USER environment variable is not set for CGI script, then AD
authentication handler is either not setting 'user' correctly, or the
CGI script isn't located in the same Directory/Location context for
which the authentication was enabled.

What is the original Apache configuration block you are using for
authentication and where is the CGI script located?

Graham

> Which brought me mod_python.  Every example I see they change Apache's
> httpd.conf to point to the python script. And then this calls
> req.get_basic_auth_pw() and req.user and I am able to see the
username.
> Basically I want the user to authenticate and be presented the html
form
> and then post to my CGI(or soon mod_python) and then the python script
> would then grab the username via req.user.
>
> Thanks for you help so far.
>
> -Mitesh
>
> -----Original Message-----
> From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com]
> Sent: Monday, February 09, 2009 7:21 PM
> To: Mitesh Shah
> Cc: mod_python at modpython.org
> Subject: Re: [mod_python] req.user always returns None
>
> 2009/2/10 Mitesh Shah <mshah at harpercollege.edu>:
>> I will take a look at mod_wsgi.  Anyway, looking at the initial post
I
>> realized that pw = req.get_basic_auth_pw() came AFTER req.user.  I
> don't
>> know how many times I had read that this was incorrect and STILL did
>> it!!  Anyway, I got it to work with that change.  But this was all
> just
>> for testing.  But now I realized that I may not be able to use this
> with
>> what I want to accomplish.
>>
>> 1) Use apache Authorization via .htaccess (which connects to Active
>> Directory) -- Working
>> 2) After the user is authenticated I have a form (html) with two
> fields
>> that posts to a python script. -- partially working (cannot log
>> username)
>
> When you say script, what is it implemented as, CGI or mod_python?
>
> If CGI, then user should be available as REMOTE_USER environment
> variable. If mod_python then as req.user.
>
> If these don't work then the AD module you are using for
> authentication is broken in not setting 'user' in Apache request
> structure properly.
>
>> The reason I looked into mod_python was that I am trying to pass the
>> user's name from the initial login to my python script.  Any ideas on
>> how I could do this?
>
> Or are you after full name of user rather than a log in ID?
>
> Can you clarify a bit.
>
> Graham
>
>> Thanks,
>> Mitesh
>>
>> -----Original Message-----
>> From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com]
>> Sent: Monday, February 09, 2009 5:35 PM
>> To: Mitesh Shah
>> Cc: mod_python at modpython.org
>> Subject: Re: [mod_python] req.user always returns None
>>
>> It is the authentication handlers responsibility, directly or
>> indirectly, to set req.user, it will not be set before the
>> authentication handler is called. Setting it is one of the things
that
>> a correctly implement authentication handler should do.
>>
>> For the way you are doing things, req.user will only be set after:
>>
>>  pw = req.get_basic_auth_pw()
>>
>> is called. Ie., done as a side effect of that call.
>>
>> BTW, if you are new to mod_python, you might want to consider instead
>> using mod_wsgi, writing your application code as a WSGI application
>> and using mod_wsgi's much simpler to understand authentication
>> provider hooks where everything is done for you except for validating
>> the user credentials. For the latter see:
>>
>>  http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms
>>
>> Graham
>>
>> 2009/2/10 Mitesh Shah <mshah at harpercollege.edu>:
>>> I am having some issues trying to req.user to return a username.  I
> am
>> very
>>> new to python and mod_python.  I happened upon this thread:
>>>
>>>
>>>
>>> http://osdir.com/ml/python.mod_python/2003-10/msg00092.html
regarding
>> a
>>> similar issue.
>>>
>>>
>>>
>>> Anyway, even when I ran the code posted by "David Hancock" in the
> post
>> above
>>> I only got a "None" for the username in the error_log file.  I am
>> sending
>>> this in the URL:
>>>
>>> "http://localhost/python/mptest"
>>>
>>>
>>>
>>> Here is the test setup as it applies to me(basically unchanged).
>>>
>>>
>>>
>>> ******mptest.py*******
>>>
>>> from mod_python import apache
>>>
>>>
>>>
>>> def handler(req):
>>>
>>>         req.content_type = 'text/plain'
>>>
>>>         req.send_http_header()
>>>
>>>         req.write("Hello, world!")
>>>
>>>         return apache.OK
>>>
>>>
>>>
>>> def authenhandler(req):
>>>
>>>         user = req.user
>>>
>>>         pw = req.get_basic_auth_pw()
>>>
>>>         req.log_error(str(user) + ' ' + str(pw))
>>>
>>>         if user == "fred" and pw == "secret":
>>>
>>>                 return apache.OK
>>>
>>>         else:
>>>
>>>                 return apache.HTTP_UNAUTHORIZED
>>>
>>> *******mptest.py******
>>>
>>>
>>>
>>> *******httpd.conf******
>>>
>>> <Directory "/var/www/html/python">
>>>
>>>     AddHandler python-program .py
>>>
>>>     PythonHandler mptest
>>>
>>>     PythonAuthenHandler mptest
>>>
>>>     AuthType Basic
>>>
>>>     AuthName "mod_python restricted area"
>>>
>>>     require valid-user
>>>
>>>     PythonDebug On
>>>
>>> </Directory>
>>>
>>> ******httpd.conf*******
>>>
>>>
>>>
>>> *******error_log*******
>>>
>>> [Mon Feb 09 17:10:04 2009] [error] [client 127.0.0.1] None secret
>>>
>>> *******error_log*******
>>>
>>>
>>>
>>> After attempting to login I get a 401 page and then I am asked to
>> login
>>> again.
>>>
>>>
>>>
>>> Any help would be greatly appreciated!
>>>
>>>
>>>
>>> Thank you,
>>>
>>> Mitesh
>>>
>>>
>>>
>>> _______________________________________________
>>> Mod_python mailing list
>>> Mod_python at modpython.org
>>> http://mailman.modpython.org/mailman/listinfo/mod_python
>>>
>>>
>>
>

More information about the Mod_python mailing list