#3583: cookie-based modpython / apache authentication
-----------------------------------------------+----------------------------
Reporter: midfield <[EMAIL PROTECTED]> | Owner: jacob
Status: new | Component:
Uncategorized
Version: SVN | Resolution:
Keywords: authentication modpython apache | Stage:
Accepted
Has_patch: 0 | Needs_docs: 0
Needs_tests: 0 | Needs_better_patch: 0
-----------------------------------------------+----------------------------
Comment (by [EMAIL PROTECTED]):
The SESSION_COOKIE_DOMAIN thing was my fault, not yours. (I was
protecting http://static.foo.com, whereas my main site is http://foo.com.)
Maybe just something to put in the docs. The only other thing I'd say is
that you might consider changing the logic so that if there is no specific
permission set, and there's no "staff only / super only", then any
authenticated user is allowed. That's a judgment call, but seems like the
most obvious thing to me.
In whatever docs you put up, an example using nested <Location> tags and
permissions might be nice -- that's the usual way people are going to use
this, I imagine.
A question: right now I'm using VirtualHosts, but in the interests of
saving memory, I am forcing my main site and the static protected site to
both use the "main_interpreter." Is this the right idea?
Thanks a million.
--
Ticket URL: <http://code.djangoproject.com/ticket/3583#comment:6>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
