[mod_python] Problem with AuthenHandler & Apache Configuration

Grant Beasley gbeasley at tsa.ac.za
Thu Oct 3 13:40:20 EST 2002 

Hi

I'm trying to set up my website in such a way that the entire website is
protected by an AuthenHandler, and the "cgi" directory (where my mod_python
scripts run) is directed to a publisher (my own modification of the standard
publisher).

To do this, I setup Apache with the following directives:

<Directory "C:/Projects/http/cgi">
  SetHandler python-program
PythonHandler mypub
PythonDebug On
</Directory>

<Directory "C:/Projects/http">
  SetHandler python-program
PythonAuthenHandler authen
	AuthType Basic
	AuthName "Restricted Area"
	require valid-user
PythonLogHandler log
PythonDebug On
</Directory>

I've programmed my authenhandler (for debugging purposes) as follows:
    pw = req.get_basic_auth_pw()
    user = req.connection.user
    f = open("C:\\authendump.txt", "a")
    f.write("""Authen - %s
URI: %s
UNPARSED_URI: %s
THE_REQUEST: %s
PATH_INFO: %s
FILENAME: %s
USER: %s
PW: %s
-----------------
""" % (strftime('%d/%m/%Y %H:%M:%S', localtime()),req.uri, req.unparsed_uri,
req.the_request, req.path_info, req.filename, user, pw))
    if user is not None:
        return apache.OK
    else:
        return apache.HTTP_UNAUTHORIZED
    f.close()

i.e. Just to dump a few variables for inspection.

For a single request, the above configuration gives me the following:

Authen - 03/10/2002 13:31:16
URI: /showuser
UNPARSED_URI: /showuser
THE_REQUEST: GET /cgi/cool/showuser HTTP/1.1
PATH_INFO:
FILENAME: c:/projects/http/showuser
USER: None
PW: None
-----------------
Authen - 03/10/2002 13:31:16
URI: /cgi/cool/showuser
UNPARSED_URI: /cgi/cool/showuser
THE_REQUEST: GET /cgi/cool/showuser HTTP/1.1
PATH_INFO: /showuser
FILENAME: c:/projects/http/cgi/cool
USER: None
PW: None
-----------------
Authen - 03/10/2002 13:31:18
URI: /showuser
UNPARSED_URI: /showuser
THE_REQUEST: GET /cgi/cool/showuser HTTP/1.1
PATH_INFO:
FILENAME: c:/projects/http/showuser
USER: gb
PW: a
-----------------
Authen - 03/10/2002 13:31:18
URI: /cgi/cool/showuser
UNPARSED_URI: /cgi/cool/showuser
THE_REQUEST: GET /cgi/cool/showuser HTTP/1.1
PATH_INFO: /showuser
FILENAME: c:/projects/http/cgi/cool
USER: gb
PW: a
-----------------

In other words the authenhandler code is executing twice, with a different
URI. On inspection of the get_config() and get_dirs(), I can see that it's
executing once for each of the above directives.

What I'd like to know is why this occurs, and how do I prevent it?

Any help appreciated.

Grant Beasley

More information about the Mod_python mailing list