[mod_python] Chaining handlers

Graham Dumpleton graham.dumpleton at gmail.com
Wed Mar 19 21:55:05 EDT 2008


On 20/03/2008, David Champion <dgc at uchicago.edu> wrote:
> This seems like it should be a FAQ, but I don't see it.  Sorry if I've
>  missed it -- pointers instead of answers are welcome.

The documentation does cover it, as long as you know what you are looking for.

>  I thought I understood that it's possible to chain handlers in Apache,
>  such that multiple handlers can have a chance at completing the request,
>  and the chain ends when a handler succeeds.  (I don't want to "pipeline"
>  filters, so that each handler handles the same request in succession.)
>  But I'm having trouble seeing how to make this work.
>
>  More specifically, what I'm trying to accomplish is to have mod_python
>  implement an access control policy over a directory.  Provided that
>  access is allowed, I want any content in that directory to be served as
>  if mod_python were not present.  I have a script that implements the
>  policy.  It amounts to this:
>
>         <Location /test/*>
>                 SetHandler mod_python
>                 PythonHandler MyPackage
>         </Location>
>
>         def handler(req):
>                 # case 1
>                 if accessOK(req):
>                         return apache.DECLINED
>
>                 # case 2
>                 else:
>                         return apache.UNAUTHORIZED
>
>  Case 2 works, of course.  And when I request a static file, case 1 works
>  too (I receive the file).  My problem is when the request is for an
>  object that's covered by some other handler -- cgi, php, etc.  I receive
>  the CGI as a static-content test/plain file instead.
>
>  Is this possible?  I feel like I must be missing something; there's a
>  lot I still don't understand about the API.  I had started to implement
>  this module in C, but decided I could probably do it in mod_python if
>  it's possible in C.  Is that true?

Before can suggest something, need to know what the criteria is that
you are wanting to block on. Are you wanting to implement HTTP basic
authorisation, ie., require user to login, or wanting to block based
on something else, such as client IP?

Also, is this the only reason you are wanting to use mod_python, or do
you also have web applications that use mod_python specific APIs for
content handler? If you do have a web application, is it WSGI
compatible and thus could be hosted on any WSGI capable system?

Graham


More information about the Mod_python mailing list