alex, Thanks for your reply. I am using python, and webapp2, but this is the first that I've heard of a thing called @digest_auth_required. Indeed, searching the webapp2 source code supplied with the sdk, I can't find a declaration like that. Also, Google search doesn't turn up anything that points me at its documentation. Can you please send me a link to documentation, or a file and line number in webapp2 source code, where you found the decorator?
Also, with regard to using a custom auth handler, it is my very strong preference, if I can figure out how to accomplish it, to allow my users to use their existing Google accounts and completely delegate identity management to Google. I am considering implementing custom authentication as a last resort at this point. (Understanding, of course, that at this point it may be the only path available to me). Thanks, Tommy K On Wed, Mar 28, 2012 at 1:45 AM, alex <[email protected]> wrote: > What's wrong with using a custom auth handler and decorator like > @digest_auth_required? (if it's python, webapp2 is a great thing to go with) > > > On Wednesday, March 28, 2012 8:21:52 AM UTC+2, Tommy Knowlton wrote: >> >> As part of my app engine app, I'm trying to implement a WebDAV server so >> that users can interact with my app's blobstore using their native desktop >> file browser (i.e., Mac Finder.app and Windows Explorer.exe). >> >> WebDAV clients, per RFC 4918, authenticate (if at all) via HTTP Digest >> authentication, and I can see that I could implement this authentication >> method in my app only if I forego my preference for Google accounts in my >> app. As it is, when delegating authentication to Google accounts, >> Finder.app (as WebDAV client) can't correctly process the HTML >> authentication form that is presented on the initial request. >> >> It would be really great for my use case if some means could be added, >> maybe in the app.yaml handlers section, to configure HTTP Digest >> authentication for a chosen request path. It seems to me that the same >> mechanism that is currently available, that checks for a session cookie and >> issues the redirect to the Google account login form could instead supply >> the HTTP Digest nonce and challenge, along with the 401 status response to >> the initial unauthenticated request. >> >> I suspect there are other use cases that would benefit by an HTTP Digest >> authentication option, and I'm curious to know if there are other >> developers who want this, and what's the likelihood AppEngine will >> eventually incorporate such an option? >> >> Even better would be if someone could explain how I can already do this >> using existing support in AppEngine :) >> >> Thanks, >> Tommy K >> >> -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/google-appengine/-/IXVY3yUc0zYJ. > > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
