|
Graham Dumpleton
grahamd at dscpl.com.au
Tue Apr 25 18:37:27 EDT 2006
Deron Meranda wrote .. > Then for the entire website (/ url), excluding /login and /error, I have > a PythonAccessHandler which verifies the cookie, and will cause > an HTTP 401 Unauthorized if it's not correct or has expired. If > it's okay, then it stuffs information about the user into the req > object so the content handlers can get to it if desired, as well as > setting up and loading the session object (if you use sessions). Just be mindful of the DirectoryIndex fast redirect problem if you are stuffing user info in the req object from an access handler, as such information will not actually turn up in the request object in the content handler phase but will be lost. This is more an Apache problem than mod_python and it doesn't look like Apache will be changed real soon. See: https://issues.apache.org/jira/browse/MODPYTHON-146 http://www.mail-archive.com/[email protected]/msg01736.html for more information on what I am rambling about. :-) Graham
|