[mod_python] Complicated GET configuration

Hunter Matthews thm at duke.edu
Fri Aug 16 15:58:10 EST 2002

On Fri, 2002-08-16 at 16:26, vio wrote:
> * Hunter Matthews <thm at duke.edu> [020816 14:24]:
> > 
> > (...)
> >
> > What I had as a first attempt was:
> > <Location /XMLRPC/$RHN>
> >     SetHandler python-program
> >     PythonAuthzHandler current_apache
> > </Location>
> > 
> > But this is clearly wrong (and it doesn't work, either :) 
> > Because I have the SetHandler, mod_python tries to handle ALL the
> > different parts of the request, when I only want it to handle the Authz
> > stage: if that PythonAuthzHandler returns  apache.OK, then I would like 
> > apache to pick up the URL and just fling it back at the client - the
> > python part is done.
> My recalling of the mod_python manual reading (at least over a month old now,
> so I might be wrong here) is that Apache handles requests in stages. And
> with mod_python you pick and choose which stages you want to handle. 

Thats what I need to know here - how to choose to handle the Authz
stage, without choosing to handle the main default stage (throwing bits
down the socket).

> But you never have to handle ALL stages.
> Have you checked the tutorial file 'tut-more-complicated.html'?
> I see there talk about 'PythonAuthenHandler', but nothing about
> 'PythonAuthzHandler' you are referring to here (a typo?).

There is a reference to it on:

and running strings on the mod_python.so shows that it is there. There
is a reference to it in the mailing list archives.

> I don't know if this is of any help, but an example of the different way 
> GET and POST are handled, which I found quite useful, is illustrated in 
> 'util.py/class FieldStorage/__init__'.

The goal here is that if the URL is 

that we always run the Authz handler, and nothing else.

But since the requests aren't to a specific script 
(like /XMLRPC/$RHN/redhat-7.3-i386/listPackages/200208142123/script.py)

but are instead 

I'm not at all certain how to say

For all URLs under /XMLRPC/$RHN
Please use the Authz handler to make sure the client is authorized,
and if so,
apache please send the client the file that was requested.

> Hope this helps,
> Vio
Hunter Matthews                          Unix / Network Administrator
Office: BioScience 145/244               Duke Univ. Biology Department
Key: F0F88438 / FFB5 34C0 B350 99A4 BB02  9779 A5DB 8B09 F0F8 8438
Never take candy from strangers. Especially on the internet.

More information about the Mod_python mailing list