[mod_python] Controlling authentication at run-time

Jorey Bump list at joreybump.com
Tue May 18 14:12:01 EDT 2004

Diener, Edward wrote:

> If Apache authentication is setup for files in a document directory 
> through directives in an .htaccess file, once the user has entered their 
> user name and password and is allowed access to the file, they are no 
> longer prompted each subsequent time as long as their session is active. 

The server continues to require the authentication for *each* access to 
the file. Your browser will provide it, but it will hide this action 
from you; hence, no prompt.

> Is there a way to control this at run-time so that the user will be 
> prompted for their user name and password in subsequent access to the 
> file, using mod_python ?

You can avoid HTTP Basic Authentication entirely, and create a function 
that displays a login form before serving the file from a directory that 
exists outside the document root.

That's just one possibility, there are plenty of other ways to approach it.

More information about the Mod_python mailing list