[mod_python] Authentication

riesch at nieuw.nl riesch at nieuw.nl
Fri Aug 24 10:12:44 EST 2001 

Hi there,


I'm using the standard authentication now (with the authenhandler). This all works fine, but I can't seem to figure out how to let a user logout. I've tried to pass information about logout with the url. Something like:

http://www.site.com/?logout

def authenhandler(req):
   form = util.FieldStorage(req, keep_blank_values=1)

   if form.has_key(logout):
      return apache.HTTP_UNAUTHORIZED

   pw   = req.get_basic_auth_pw()
   user = req.connection.user
   if correct_user(user, pw):
      return apache.OK
   else:
      return apache.HTTP_UNAUTHORIZED



Unfortunately, this has the following effects:
-
The dialog pops up, even if the user is entering an area that's not protected. Not a very nice sollution, but workable (perhaps)
-
The url stays the same, which causes that the 'form' keeps logout-key. This results in repeatedly returing of HTTP_UNAUTHORIZED.


Does anyone have experience with this, or have some hints or thoughts ?


Thanks ahead,
Richard

More information about the Mod_python mailing list