|
Roger Binns
rogerb at rogerbinns.com
Tue May 1 13:08:01 EDT 2007
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Graham Dumpleton wrote: > To say ldap is only referring to the auth provider, not what HTTP > authentication mechanism is being used. Two that Apache understands > are Basic and Digest. As well as NTLM which does challenge response on the connection. > Except that that will not work. The problem is that AuthType and > AuthName wouldn't be set for /admin if you only use them on /api, so > the web browser wouldn't normally even send the authentication > information through for /admin URL. Thus there isn't going to be any > auth information to pass through to a sub request. That is correct. I expected to manually copy the status and response headers from /api into responses from /admin if no authentication information was present which would then cause the browser to prompt for and send credentials. > BTW, looking at Apache APIs the call that may have allowed you to do > subrequests and incorporate output within a parent page is: > > ap_run_sub_req() I only found 1.3 doc for that API but that definitely looks like the right thing in concert with ap_sub_req_lookup_uri() to make the "sub" request. > Even if exposed in mod_python it would still not help given that you > wouldn't have the auth information available for /admin URL to pass > through. That is the easy bit :-) Just copying the authentication response headers from /api will do the trick. For the moment I am resigned to using urllib2 to create a new request and copying headers into/out of that (effectively using it as an alternative to ap_sub_req_lookup_uri/ap_run_sub_req). Roger -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGN3PxmOOfHg372QQRAtDZAKDkwgKKF0gOE3gR+NUUr+1gVgt+dQCgnVfx XfFBt35d/y4qJavt2RVKoz8= =TlvJ -----END PGP SIGNATURE-----
|