[mod_python] Authentication behaviour

Conrad Steenberg conrad at hep.caltech.edu
Wed Aug 6 22:25:56 EST 2003


I have an authenhandler that basically ignores authentication headers
for GET requests, but requires them to be present for POST requests.

With Apache 2.0.46 this worked fine with a setup like e.g.
<Directory /opt/midir/>
       SetHandler python-program
       AddHandler python-program .py
       PythonHandler my_handler
       PythonAuthenHandler my_handler
       AuthType Basic
       AuthName "Restricted Area"

In 2.0.47 the authenhandler doesn't get called unless I add
      require valid-user
to the above. But this makes browsers pop up a password dialog for
requests without authentication headers (GET requests in this case).

Is there any way to make the browser not pop up the password dialog, but
still have the authenhandler called? I.e. where does the response get
generated that returns a "authentication required" value to the browser,
if not in the authenhandler?

Any help appreciated!


Conrad Steenberg <conrad at hep.caltech.edu>

More information about the Mod_python mailing list