[mod_python] [SPAM] mod_python/mod_wsgi and the apache processing pipeline

Andrew Smith andy at robotlovesyou.com
Thu Jul 23 15:12:10 EDT 2009

Hello Graham

Apologies for not replying to all before. I'm too used to having my  
had held for me by google groups ;)

I'd not come across mod_auth_tkt as I'm pretty new to linux/apache  
having been coding on windows for far far too long and for some reason  
it didn't come up when I was searching for suitable solutions. It does  
look very promising though. If that allows me to drop my requirement  
for a hook into apache's processing pipeline then I'll be able to move  
across to mod_wsgi, which seems to be the standard for python/apache  
integration these days.



On 23 Jul 2009, at 13:23, Graham Dumpleton wrote:

> 2009/7/23 Andrew Smith <andy at robotlovesyou.com>:
>> Hello Graham
>> Thanks for getting back to me
>> What I am doing is implementing a form based authentication scheme,  
>> which I
>> want to work for static content as well as dynamic. (hence  
>> implementing it
>> as a handler in python) I don't want to use basic authentication  
>> because it
>> does not offer the security or functionality I require. There are  
>> obviously
>> already forms based authentication systems available but none which  
>> either
>> a) The exact functionality I want, or b) Close enough to modify and  
>> coded in
>> a language I already know.
>> Right now the prototype I have is written using mod_python and  
>> hooked into
>> apache using the PythonAccessHandler option. (The  
>> PythonAuthenHandler phase
>> doesn't seem to fire unless apache is configured to use  
>> Authentication for a
>> particular resource, which I guess makes sense.)
>> I realise that there will be a performance hit for implementing  
>> this using
>> mod_python but I figure I can manage that by optimising the  
>> structure of the
>> site and ensuring that I only authenticate users for resources which
>> actually need it.
> Please use reply-all and keep discussion on list.
> Have you looked at mod_auth_tkt?
> Not that it will help you right now, but Apache 2.4 will have a
> mod_session module along with other modules to help implement SSO
> across static files and dynamic applications using form based
> authentication mechanisms with form provided by however you want to
> provide and in format you want it.
> What mod_auth_tkt can achieve now is probably now much different. If
> you have looked at it, why wasn't it suitable?
> Graham
>> Thanks
>> Andy
>> On 23 Jul 2009, at 12:06, Graham Dumpleton wrote:
>>> 2009/7/23 Andrew Smith <andy at robotlovesyou.com>:
>>>> Hello
>>>> I have a couple of questions about the capabilities of mod_python  
>>>> vs
>>>> mod_wsgi.
>>>> My current (mis?)understanding is that mod_wsgi does not allow me  
>>>> to
>>>> provide
>>>> handlers for apache stages such as PostReadRequest or Authz in  
>>>> the same
>>>> way
>>>> that mod_python does,
>>> Correct.
>>>> though I understand that I can create a mod_wsgi Authentication  
>>>> provider.
>>> As well as custom group authorization mechanism.
>>>> So my questions are 1)Is my understanding of the situation correct
>>> Close enough.
>>>> and 2) Are there any future plans for mod_wsgi to allow  
>>>> developers to
>>>> plug
>>>> into the apache processing pipeline in the same way that  
>>>> mod_python does
>>>> now?
>>> Undecided.
>>> Is interesting challenge, but a huge amount of effort for something
>>> that would be used by a handful of people.
>>> From what I have seen people use various handler phases for, they
>>> would in many cases be able to achieve the same thing using
>>> mod_headers, mod_rewrite or other custom Apache modules, much more
>>> easily and much more efficiently. Although Python makes writing
>>> content handler nicer, the overhead of Python makes it a very poor
>>> choice for other handler phases and input/output filters.
>>> My question therefore is, what are you trying to do and why do you
>>> think that Python would be a good way of doing it? In what ways  
>>> don't
>>> other Apache modules already do what you want, or allow you a  
>>> means of
>>> doing it?
>>> Graham

More information about the Mod_python mailing list