Seth VanHeulen
svanheulen at gmail.com
Fri May 29 14:25:07 EDT 2009
I hacked together a way of doing forms authentication with mod_python, and it's been working fine running on our Windows Server 2003 box, but now I'm trying to get it running on an Ubuntu 9.04 box and I'm having trouble with what I think is the session getting deadlocked. It will work once sometimes, but if I close the browser and try the site again, Apache doesn't respond; it just sits there trying to load. No errors show up in the Apache logs and I don't know where to go from here to troubleshoot.

Some info on my setup:

401 errors redirect to /login/auth.py/unauthorized
/login/ does NOT require a valid user
/ does require a valid user
/login/auth is added as a PythonAuthenHandler
/login/index.psp posts username and password to /login/auth.py/login

Here's the code in auth.py:

import sys
import ldap
from mod_python import apache
from mod_python import Session
from mod_python import util

# Paths and domain used by the handlers below
_main_page = '/'
_login_form = '/login/'
_domain = 'something'

def authenhandler(req):
    sess = Session.Session(req)
    if sess.get('authorized') and sess.get('ipaddress') == req.connection.remote_addr[0]:
        sess.save()
        req.user = str(sess.get('username'))
        return apache.OK
    else:
        if not sess.is_new():
            sess.invalidate()
        return apache.HTTP_UNAUTHORIZED

def unauthorized(req):
    util.redirect(req, _login_form)

def login(req, username, password):
    sess = Session.Session(req)
    #if not sess.get('username', str(username)) == str(username):
    #    sess.invalidate()
    sess['username'] = str(username)
    sess['ipaddress'] = req.connection.remote_addr[0]
    #l = ldap.open(_domain)
    l = ldap.open(_domain)
    try:
        # Bind as DOMAIN\username, then look up the account's cn
        l.simple_bind_s(_domain + '\\' + str(username), str(password))
        cn = l.search_s('dc=something,dc=example,dc=com', ldap.SCOPE_SUBTREE, '(sAMAccountName=' + str(username) + ')', ['cn'])
    except ldap.SERVER_DOWN:
        sess['authorized'] = False
        sess.save()
        util.redirect(req, _login_form + '?msg=server')
    except:
        sess['authorized'] = False
        sess.save()
        errorCode = sys.exc_info()[1][0]
        # Look for ' data 773,' in the error's info text
        if not errorCode.get('info', '').find(' data 773,') == -1:
            util.redirect(req, _login_form + '?msg=expired')
        else:
            util.redirect(req, _login_form + '?msg=invalid')
    else:
        if cn:
            sess['authorized'] = True
            sess.save()
            util.redirect(req, _main_page)
        else:
            sess['authorized'] = False
            sess.save()
            util.redirect(req, _login_form + '?msg=invalid')

def logout(req):
    sess = Session.Session(req)
    sess.invalidate()
    util.redirect(req, _login_form + '?msg=logout')
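
The following is an added example, not part of the original post: login() above passes the posted username and password straight into simple_bind_s() and into a concatenated search filter, and this sketch shows the input checks that would sit in front of those two calls. The helper names, the username character set and the length limit are assumptions; it is written against the Python 3 standard library so it runs on its own (python-ldap ships ldap.filter.escape_filter_chars for the escaping step).

```python
import re

# RFC 4515 section 3: these characters must appear as \XX inside a filter value.
_FILTER_ESCAPES = {
    '\\': r'\5c', '*': r'\2a', '(': r'\28', ')': r'\29', '\x00': r'\00',
}

# Assumption: account names use this conservative character set, max 64 chars.
_USERNAME_RE = re.compile(r'[A-Za-z0-9._-]{1,64}')


def escape_filter_value(value):
    """Escape a string for use as an LDAP filter assertion value."""
    return ''.join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_login_inputs(domain, username, password):
    """Validate form input; return (bind_name, search_filter).

    Raises ValueError for input that should never reach the directory.
    """
    if not isinstance(username, str) or not _USERNAME_RE.fullmatch(username):
        raise ValueError('invalid username')
    # A simple bind with a name but an empty password is an "unauthenticated
    # bind" (RFC 4513 section 5.1.2); a server may report success without
    # checking any credential, so reject it before binding.
    if not password:
        raise ValueError('empty password')
    bind_name = domain + '\\' + username
    # Escaping is kept even though the allow-list already excludes the
    # special characters, so the filter stays safe if the list is relaxed.
    search_filter = '(sAMAccountName=%s)' % escape_filter_value(username)
    return bind_name, search_filter


if __name__ == '__main__':
    # Constructed sample input, not taken from the post.
    print(build_login_inputs('something', 'jdoe', 'correct horse'))
    print(escape_filter_value('a*b(c)d\\e'))
```

A ValueError from build_login_inputs() would be handled like the existing invalid-credentials branch, redirecting to the login form with ?msg=invalid.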