Hello all. I'd like to create a WSGI aaa and session management application to protect non-WSGI Apache resources.
E.G. <Directory>s and <Location>s which may contain a static HTML website, or a Java app via mod_weblogic, etc. I came across Grahams post below. The thread went on on to suggest mod_auth_tkt (http://www.openfusion.com.au/labs/mod_auth_tkt/) as a solution, but I don't think this provides the flexibility I need to implement the functionality I need. (strong session keys, password expiry, password changes, additional credential for 2 factor token, authentication by HTML form and web service). My question is, is this possible using wod_wsgi today, or is the necessary hook still not hooked up? Apologies for the broad nature of this question, I hope it is clear enough to be intelligible. Best Regards Richard ---------- Forwarded message ---------- From: "Graham Dumpleton" <[EMAIL PROTECTED]> Date: Mar 25, 12:40 pm Subject: getting HTTP_USER_AGENT To: modwsgi Sorry, one more thing have been bouncing around in my head is introducing a new Require directive argument and corresponding hook function which might somehow be used to implementsessionmanagement. The idea being here to provide a means for HTML forms based login. This could be independent of any WSGI applications, with the WSGI applications just knowing that user was authenticated, much like with Basicauthentication, or it could be integrated with existing applications auth mechanisms. For example, imagine being able to useDjangoHTMLformlogin andsessionmanagement to control access to a Trac instance on same site. In other words someformof support that might allow single sign in across Python web applications. If anyone has any thoughts about that one and whether it is even of interest would be good to know. BTW, I know this is outside of WSGI, and some feel I should concentrate on just WSGI, but some times I need diversions to keep my mind occupied. ;-) Graham --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en -~----------~----~----~----~------~----~------~--~---
