[mod_python] authenhandler woes

Todd Boland itodd at itodd.org
Sun Oct 3 20:35:30 EDT 2004


A bit of googling reveals this post by Grisha who recommended passing 
lock=0 when instantiating the session:

http://www.modpython.org/pipermail/mod_python/2004-April/015374.html

This fixes my problem but I am unaware of the implications of turning 
session locking off. Can anyone explain them?

Todd

On Oct 3, 2004, at 6:26 PM, Todd Boland wrote:

> I've created a mod_python authenhandler which sets some session data. 
> It works perfectly for the initial request. Unfortunately, all 
> subsequent requests hang on the line I marked with a > character. 
> Anyone have any ideas?
>
> The behavior  I'm experiencing is as if the handler was waiting for a 
> lock to be released on the session dbm file. I'm using mod_python 
> 3.1.3 with Python 2.3.4
>
> from mod_python import apache, util
> from mod_python.Session import Session
>
> def authenhandler(req):
>         password = req.get_basic_auth_pw()
>         username = req.user
>
> >        req.session = Session(req, secret="********")
>
>         if req.session.is_new() == True:
>                 from RPM.database import connection
>                 cursor = connection.cursor()
>
>                 try:
>                         cursor.execute("SELECT accounts.id AS 
> account_id, users.id AS user_id, people.id AS person_id, 
> organizations.id AS organization_id, users.username AS username, 
> CONCAT(people.first_name, ' ', people.last_name) AS person_name, 
> organizations.name AS organization_name, people.email_address AS 
> email_address FROM accounts, users, people, organizations WHERE 
> users.person_id = people.id AND people.organization_id = 
> organizations.id AND accounts.organization_id = organizations.id AND 
> users.username = %s AND users.password = PASSWORD(%s)" % 
> (connection.escape(username), connection.escape(password)))
>
>                         req.session.update(cursor.fetchone())
>                         cursor.execute("UPDATE users SET last_login = 
> NOW() WHERE id = %d" % req.session["user_id"])
>                         cursor.close()
>                         req.session.save()
>
>                 except(KeyError, AttributeError):
>                         req.log_error("Invalid password for %s" % 
> req.user,
>                                 apache.APLOG_NOTICE )
>                         return apache.HTTP_UNAUTHORIZED
>
>         return apache.OK
>
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org
> http://mailman.modpython.org/mailman/listinfo/mod_python
>



More information about the Mod_python mailing list