|
Graham Dumpleton
grahamd at dscpl.com.au
Sat Feb 25 01:07:47 EST 2006
I don't know why, but if you define Require directive, but don't define AuthType and authenhandler returns apache.OK, it doesn't work. Also, it skips the type checker and fixup handler phases as well, going direct to the response handler phase. To at least get it working, include: AuthType Dummy This sort of strange behaviour probably confirms my thinking that authenhandler support in mod_python was incomplete and why I have added changes as described in: http://issues.apache.org/jira/browse/MODPYTHON-124 for mod_python 3.3. One can't make short cuts when writing authenhandlers, they need to be done properly or weird things like this could well happen. Graham On 25/02/2006, at 8:41 AM, Tomasz Wlodek wrote: > Ok, one detai, which I discovered by trial and error: > > If I remove the line > > require valid-user > > then Apache allows me to execute the cgi scripts. > > If I leave it then it displays them as text. > > Does anyone understand this behavior? > > Tomasz Wlodek | tel 631-344-7448 > Brookhaven Laboratory, Building 510M | fax 631-344-7616 > Upton NY 11973-5000 | > > On Fri, 24 Feb 2006, Tomasz Wlodek wrote: > >> Hello experts, >> >> I am not sure whether this issue belongs to Apache proper or mod >> python or >> both. >> >> here is the problem: I use mod_python authentication handler to >> authenticate users who come to some directory. This part of the >> code works >> fine. >> >> After the user is authenticated mod_python returns apache.OK and then >> Apache is supposed to execute cgi script which is located in this >> directory. For the time being the cgi script is a simple "Hello >> world" in >> python. >> >> Now comes the problem: users are authenticated, then Apache takes >> the cgi >> script but instead of executing it it displays its content as text >> file. >> >> The funny thing is that the same cgi script when I move it to >> another cgi >> directory (where I do not use mod_python for authentication) works >> fine. >> It executes as cgi script. >> >> Apparently when I protect a directory by mod_python authentication >> handler >> then Apache does not want to execute underlying cgi scripts from this >> directory! >> >> Here comes the configuration file for this directory: >> >> Alias /GridHyperNews "/var/www/cgi-bin/GridHyperNews" >> <Directory /var/www/cgi-bin/GridHyperNews> >> AllowOverride None >> #I want the directory to contain cgi scripts >> Options +ExecCGI >> SetHandler cgi-script >> # users who come to this directory must be authenticated by >> # myhandler2 >> PythonAuthenHandler myhandler2 >> PythonDebug on >> PythonPath "sys.path + ['/root/mod_python_handlers']" >> require valid-user >> </Directory> >> >> >> The myhandler2.py code is very simple >> >> from mod_python import apache >> from mod_python import util >> >> import _mp_mod_ssl >> import os,string >> >> def authenhandler(req): >> req.add_common_vars() >> req.user="unknown_user" >> >> return apache.OK >> >> Now, no matter what I do scripts under the directory >> /var/www/cgi-bin/GridHyperNews are not treated by Apache as cgi >> but as >> text files. >> >> Tomasz Wlodek | tel 631-344-7448 >> Brookhaven Laboratory, Building 510M | fax 631-344-7616 >> Upton NY 11973-5000 | >> >> _______________________________________________ >> Mod_python mailing list >> Mod_python at modpython.org >> http://mailman.modpython.org/mailman/listinfo/mod_python >> > _______________________________________________ > Mod_python mailing list > Mod_python at modpython.org > http://mailman.modpython.org/mailman/listinfo/mod_python
|