Mitesh Shah
mshah at harpercollege.edu
Mon Feb 9 23:06:07 EST 2009
>What is the original Apache configuration block you are using for >authentication and where is the CGI script located? Here is the conf block for the html directory (authentication dir): ****http.conf**** <Directory "/var/www/html"> Options Indexes FollowSymLinks AllowOverride AuthConfig Order allow,deny Allow from all </Directory> ****http.conf**** Now the actual .htaccess and html files are in /var/www/html/gapps. My python CGI is in /var/www/cgi-bin. -----Original Message----- From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com] Sent: Monday, February 09, 2009 9:52 PM To: Mitesh Shah Cc: mod_python at modpython.org Subject: Re: [mod_python] req.user always returns None 2009/2/10 Mitesh Shah <mshah at harpercollege.edu>: > Sorry for the confusion. Well it was initially a CGI and then I learned > about mod_python. Right now I haven't made any changes to the CGI until > I learn how mod_python works. And all I need is the username and not > the full name. When I tried -- os.environ["REMOTE_USER"] -- it never > returned anything. I think I'm just having a hard time understanding > the logistics of mod_python. If you are using os.environ["REMOTE_USER"] inside mod_python handler it will not work. Only relevant to CGI scripts. Just making sure we are talking about same thing here. > I call an html and ask for authentication, this should set the cgi > variable but since my python CGI is calling python (#!/usr/bin/python) > separately, I don't think it can access the username from the initial > authentication. If you mean that the first line of your CGI script has that line, then that is normal and how UNIX knows what interpreter to run for the contents of the script. If REMOTE_USER environment variable is not set for CGI script, then AD authentication handler is either not setting 'user' correctly, or the CGI script isn't located in the same Directory/Location context for which the authentication was enabled. What is the original Apache configuration block you are using for authentication and where is the CGI script located? Graham > Which brought me mod_python. Every example I see they change Apache's > httpd.conf to point to the python script. And then this calls > req.get_basic_auth_pw() and req.user and I am able to see the username. > Basically I want the user to authenticate and be presented the html form > and then post to my CGI(or soon mod_python) and then the python script > would then grab the username via req.user. > > Thanks for you help so far. > > -Mitesh > > -----Original Message----- > From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com] > Sent: Monday, February 09, 2009 7:21 PM > To: Mitesh Shah > Cc: mod_python at modpython.org > Subject: Re: [mod_python] req.user always returns None > > 2009/2/10 Mitesh Shah <mshah at harpercollege.edu>: >> I will take a look at mod_wsgi. Anyway, looking at the initial post I >> realized that pw = req.get_basic_auth_pw() came AFTER req.user. I > don't >> know how many times I had read that this was incorrect and STILL did >> it!! Anyway, I got it to work with that change. But this was all > just >> for testing. But now I realized that I may not be able to use this > with >> what I want to accomplish. >> >> 1) Use apache Authorization via .htaccess (which connects to Active >> Directory) -- Working >> 2) After the user is authenticated I have a form (html) with two > fields >> that posts to a python script. -- partially working (cannot log >> username) > > When you say script, what is it implemented as, CGI or mod_python? > > If CGI, then user should be available as REMOTE_USER environment > variable. If mod_python then as req.user. > > If these don't work then the AD module you are using for > authentication is broken in not setting 'user' in Apache request > structure properly. > >> The reason I looked into mod_python was that I am trying to pass the >> user's name from the initial login to my python script. Any ideas on >> how I could do this? > > Or are you after full name of user rather than a log in ID? > > Can you clarify a bit. > > Graham > >> Thanks, >> Mitesh >> >> -----Original Message----- >> From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com] >> Sent: Monday, February 09, 2009 5:35 PM >> To: Mitesh Shah >> Cc: mod_python at modpython.org >> Subject: Re: [mod_python] req.user always returns None >> >> It is the authentication handlers responsibility, directly or >> indirectly, to set req.user, it will not be set before the >> authentication handler is called. Setting it is one of the things that >> a correctly implement authentication handler should do. >> >> For the way you are doing things, req.user will only be set after: >> >> pw = req.get_basic_auth_pw() >> >> is called. Ie., done as a side effect of that call. >> >> BTW, if you are new to mod_python, you might want to consider instead >> using mod_wsgi, writing your application code as a WSGI application >> and using mod_wsgi's much simpler to understand authentication >> provider hooks where everything is done for you except for validating >> the user credentials. For the latter see: >> >> http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms >> >> Graham >> >> 2009/2/10 Mitesh Shah <mshah at harpercollege.edu>: >>> I am having some issues trying to req.user to return a username. I > am >> very >>> new to python and mod_python. I happened upon this thread: >>> >>> >>> >>> http://osdir.com/ml/python.mod_python/2003-10/msg00092.html regarding >> a >>> similar issue. >>> >>> >>> >>> Anyway, even when I ran the code posted by "David Hancock" in the > post >> above >>> I only got a "None" for the username in the error_log file. I am >> sending >>> this in the URL: >>> >>> "http://localhost/python/mptest" >>> >>> >>> >>> Here is the test setup as it applies to me(basically unchanged). >>> >>> >>> >>> ******mptest.py******* >>> >>> from mod_python import apache >>> >>> >>> >>> def handler(req): >>> >>> req.content_type = 'text/plain' >>> >>> req.send_http_header() >>> >>> req.write("Hello, world!") >>> >>> return apache.OK >>> >>> >>> >>> def authenhandler(req): >>> >>> user = req.user >>> >>> pw = req.get_basic_auth_pw() >>> >>> req.log_error(str(user) + ' ' + str(pw)) >>> >>> if user == "fred" and pw == "secret": >>> >>> return apache.OK >>> >>> else: >>> >>> return apache.HTTP_UNAUTHORIZED >>> >>> *******mptest.py****** >>> >>> >>> >>> *******httpd.conf****** >>> >>> <Directory "/var/www/html/python"> >>> >>> AddHandler python-program .py >>> >>> PythonHandler mptest >>> >>> PythonAuthenHandler mptest >>> >>> AuthType Basic >>> >>> AuthName "mod_python restricted area" >>> >>> require valid-user >>> >>> PythonDebug On >>> >>> </Directory> >>> >>> ******httpd.conf******* >>> >>> >>> >>> *******error_log******* >>> >>> [Mon Feb 09 17:10:04 2009] [error] [client 127.0.0.1] None secret >>> >>> *******error_log******* >>> >>> >>> >>> After attempting to login I get a 401 page and then I am asked to >> login >>> again. >>> >>> >>> >>> Any help would be greatly appreciated! >>> >>> >>> >>> Thank you, >>> >>> Mitesh >>> >>> >>> >>> _______________________________________________ >>> Mod_python mailing list >>> Mod_python at modpython.org >>> http://mailman.modpython.org/mailman/listinfo/mod_python >>> >>> >> >
|