[mod_python] Newbie ?s regarding sessions

Graham Dumpleton grahamd at dscpl.com.au
Tue Nov 21 17:44:04 EST 2006

Jim Gallacher wrote ..
> Surendra Lingareddy wrote:
> > AuthenHandler results in a
> > login pop-up and that's not what I want. 
> You need to modify your apache configuration slightly. The popup is 
> triggered by AuthType "Basic". Instead try something like this:
> PythonDebug On
> AuthType MyCookieAuth
> AuthName "Private"
> PythonAuthenHandler foobar
> require valid-user
> "MyCookieAuth" in the above configuration is arbitrary and can be just
> about anything you want. You can retrieve its value in your handler if
> you want with req.auth_type().

The req.auth_type() method is only available from mod_python 3.3
onwards. You don't actually need to query its value if you ensure
your authenhandler is only being called for your application area
and no other authenhandlers are registered.

> > I am trying to use a form to
> > login. I tried session object and have been able to distinguish whether
> > it is the same session or not on a reload. How can I have this session
> > object be available to multiple browser pages? Should I pass it around?
> Yes. The usual practice is to pass it around as an attribute of the 
> request object.
> req.session = Session.Session(req)
> Note the use of req.session here. Using "session" as the attribute name
> will allow you to transparently use the session object with the psp 
> handler. You might not plan on using psp, but it does make it easy if 
> you change your mind in the future. It's not a requirement, just a 
> recommended practice.

For PSP to see req.session you will need mod_python 3.2.8 or later.

> The same thing goes for your request form.
> req.form = FieldStorage(req)

For PSP to see req.form you will need mod_python 3.3.

Won't it be nice when mod_python 3.3 is everywhere. :-)


More information about the Mod_python mailing list