Thanks I hadn't seen that! mod_session really will be a good addition to Apache. It'll take me some time to figure out what difference that makes to me for my AAA requirements, although I expect it won't make a huge difference in itself. The mod_auth_form is also a welcome and long overdue addition, although again I will have to do some tests to understand if this offers new capabilities or is merely a better alternative mod_auth_tkt.
I look forward to any insights you have regarding using mod_wsgi in this space. Kind regards. On Nov 19, 12:18 pm, "Graham Dumpleton" <[EMAIL PROTECTED]> wrote: > > Partly intelligible. > > I don't really know much about mod_auth_tkt so would have to take your > word about it not being suitable. > > The only other thing I can possibly suggest at this point is to look at: > > http://httpd.apache.org/docs/trunk/mod/mod_session.html > > This is a part of next major version of Apache though so probably not > of much use now. > > Going back to mod_wsgi, I can progress looking at the header issue in > authnz hooks and I guess we can then try and work out if it may even > then be possible to do what you want. It may possibly not be and > mod_session like functionality from Apache 2.3/2.4 may be needed. > > You have a look at mod_session and I'll see if can address that authnz > header issue and also think about what realistically may be able to be > done with this stuff. > > Graham > > > > > Best Regards > > Richard > > > ---------- Forwarded message ---------- > > From: "Graham Dumpleton" <[EMAIL PROTECTED]> > > Date: Mar 25, 12:40 pm > > Subject: getting HTTP_USER_AGENT > > To: modwsgi > > > Sorry, one more thing have been bouncing around in my head is > > introducing a new Require directive argument and corresponding hook > > function which might somehow be used to implementsessionmanagement. > > The idea being here to provide a means for HTML forms based login. > > This could be independent of any WSGI applications, with the WSGI > > applications just knowing that user was authenticated, much like with > > Basicauthentication, or it could be integrated with existing > > applications auth mechanisms. > > > For example, imagine being able to useDjangoHTMLformlogin > > andsessionmanagement to control access to a Trac instance on same > > site. > > In other words someformof support that might allow single sign in > > across Python web applications. > > > If anyone has any thoughts about that one and whether it is even of > > interest would be good to know. > > > BTW, I know this is outside of WSGI, and some feel I should > > concentrate on just WSGI, but some times I need diversions to keep my > > mind occupied. ;-) > > > Graham --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en -~----------~----~----~----~------~----~------~--~---
