[mod_python] Cookies & mod_rewrite

Graham Dumpleton grahamd at dscpl.com.au
Mon Sep 18 18:13:14 EDT 2006

CARTWRIGHT, Guy, GBM wrote ..
> Hi
> I'm using mod_python to perform NTLM authentication. In my handler script
> "ntlmhandler.py" a cookie gets set using the following code:
> cookie = Cookie.Cookie('username', user, path='/')
> Cookie.add_cookie(req, cookie)   
> With the following apache conf for some reason the cookie is not getting
> passed in the request to the rewrite url. When requesting a page in the
> /ntlm directory without the rewrite rule in place, the above cookie is
> getting set fine. Does anybody have any ideas why this might be the case?
> <VirtualHost>
>     ServerName myserver.com
>     KeepAlive On
>     DocumentRoot /ntlm/
>     <Directory /ntlm> 
>         AddHandler mod_python .py

You don't need AddHandler if you aren't defining a response handler, ie. only
need that or SetHandler when using PythonHandler directive.

>         PythonAuthenHandler ntlmhandler

Have you added logging in your authenhandler and know for sure that it is being

>         PythonDebug On
>         AuthType NTLM
>         require valid-user
>         RewriteEngine On
>         RewriteRule ^(.*)$
> _root/VirtualHostRoot/$1 [P,L]    
>     </Directory>    
> </VirtualHost>

I am not very good at mod_rewrite, but I read this as you using mod_rewrite to
proxy the request through to a backend server. If this is true and your
expectation is that the cookie will be passed through to the backend to be used
there somehow before perhaps also being sent back to the client, your
assumption would be wrong. This is because setting a cookie in the
authenhandler is going to be done in the headers_out where only headers_in
would be getting proxied through.

Is that what you were expecting?


More information about the Mod_python mailing list