[mod_python] req.user always returns None

Mitesh Shah mshah at harpercollege.edu
Mon Feb 9 20:11:42 EST 2009


I will take a look at mod_wsgi.  Anyway, looking at the initial post I
realized that pw = req.get_basic_auth_pw() came AFTER req.user.  I don't
know how many times I had read that this was incorrect and STILL did
it!!  Anyway, I got it to work with that change.  But this was all just
for testing.  But now I realized that I may not be able to use this with
what I want to accomplish.

1) Use apache Authorization via .htaccess (which connects to Active
Directory) -- Working
2) After the user is authenticated I have a form (html) with two fields
that posts to a python script. -- partially working (cannot log
username)

The reason I looked into mod_python was that I am trying to pass the
user's name from the initial login to my python script.  Any ideas on
how I could do this? 

Thanks,
Mitesh

-----Original Message-----
From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com] 
Sent: Monday, February 09, 2009 5:35 PM
To: Mitesh Shah
Cc: mod_python at modpython.org
Subject: Re: [mod_python] req.user always returns None

It is the authentication handlers responsibility, directly or
indirectly, to set req.user, it will not be set before the
authentication handler is called. Setting it is one of the things that
a correctly implement authentication handler should do.

For the way you are doing things, req.user will only be set after:

  pw = req.get_basic_auth_pw()

is called. Ie., done as a side effect of that call.

BTW, if you are new to mod_python, you might want to consider instead
using mod_wsgi, writing your application code as a WSGI application
and using mod_wsgi's much simpler to understand authentication
provider hooks where everything is done for you except for validating
the user credentials. For the latter see:

  http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms

Graham

2009/2/10 Mitesh Shah <mshah at harpercollege.edu>:
> I am having some issues trying to req.user to return a username.  I am
very
> new to python and mod_python.  I happened upon this thread:
>
>
>
> http://osdir.com/ml/python.mod_python/2003-10/msg00092.html regarding
a
> similar issue.
>
>
>
> Anyway, even when I ran the code posted by "David Hancock" in the post
above
> I only got a "None" for the username in the error_log file.  I am
sending
> this in the URL:
>
> "http://localhost/python/mptest"
>
>
>
> Here is the test setup as it applies to me(basically unchanged).
>
>
>
> ******mptest.py*******
>
> from mod_python import apache
>
>
>
> def handler(req):
>
>         req.content_type = 'text/plain'
>
>         req.send_http_header()
>
>         req.write("Hello, world!")
>
>         return apache.OK
>
>
>
> def authenhandler(req):
>
>         user = req.user
>
>         pw = req.get_basic_auth_pw()
>
>         req.log_error(str(user) + ' ' + str(pw))
>
>         if user == "fred" and pw == "secret":
>
>                 return apache.OK
>
>         else:
>
>                 return apache.HTTP_UNAUTHORIZED
>
> *******mptest.py******
>
>
>
> *******httpd.conf******
>
> <Directory "/var/www/html/python">
>
>     AddHandler python-program .py
>
>     PythonHandler mptest
>
>     PythonAuthenHandler mptest
>
>     AuthType Basic
>
>     AuthName "mod_python restricted area"
>
>     require valid-user
>
>     PythonDebug On
>
> </Directory>
>
> ******httpd.conf*******
>
>
>
> *******error_log*******
>
> [Mon Feb 09 17:10:04 2009] [error] [client 127.0.0.1] None secret
>
> *******error_log*******
>
>
>
> After attempting to login I get a 401 page and then I am asked to
login
> again.
>
>
>
> Any help would be greatly appreciated!
>
>
>
> Thank you,
>
> Mitesh
>
>
>
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org
> http://mailman.modpython.org/mailman/listinfo/mod_python
>
>



More information about the Mod_python mailing list