[mod_python] Authentication

riesch at nieuw.nl riesch at nieuw.nl
Fri Aug 24 10:12:44 EST 2001

Hi there,

I'm using the standard authentication now (with the authenhandler). This all works fine, but I can't seem to figure out how to let a user logout. I've tried to pass information about logout with the url. Something like:


def authenhandler(req):
   form = util.FieldStorage(req, keep_blank_values=1)

   if form.has_key(logout):
      return apache.HTTP_UNAUTHORIZED

   pw   = req.get_basic_auth_pw()
   user = req.connection.user
   if correct_user(user, pw):
      return apache.OK
      return apache.HTTP_UNAUTHORIZED

Unfortunately, this has the following effects:
The dialog pops up, even if the user is entering an area that's not protected. Not a very nice sollution, but workable (perhaps)
The url stays the same, which causes that the 'form' keeps logout-key. This results in repeatedly returing of HTTP_UNAUTHORIZED.

Does anyone have experience with this, or have some hints or thoughts ?

Thanks ahead,

More information about the Mod_python mailing list