2009/4/4 David <[email protected]>:
>
> Hi, I'm relatively new to Django and newer to mod_wsgi. I'm trying to
> do number 1 from Graham's post (Have Apache handle HTTP Basic
> authentication, with reference to a user database managed by Apache,
> such as htpasswd file).
>
> I can get it to work when I remove the configuration for my Django
> application. However, when the application is running, it seems to
> bypass the authentication process (the login dialog is never
> presented).
>
> As an aside, I was able to get option 3 in Graham's post working, but
> would rather use Apache for this basic auth (just to keep folks from
> seeing our dev in progress).
>
> My http.include for the vhost looks like this:
>
> <VirtualHost 70.32.93.84:80>
> ServerName stage.odopod.com:80
> ServerAdmin "[email protected]"
> DocumentRoot /path/to/httpdocs
> CustomLog /path/to/logs/access_log plesklog
> ErrorLog /path/to/logs/error_log
> <IfModule mod_userdir.c>
> UserDir /path/to/web_users
> </IfModule>
> <IfModule mod_ssl.c>
> SSLEngine off
> </IfModule>
> <Directory /path/to/httpdocs>
> <IfModule sapi_apache2.c>
> php_admin_flag engine off
> </IfModule>
> <IfModule mod_php5.c>
> php_admin_flag engine off
> </IfModule>
> Options -Includes -ExecCGI
> </Directory>
> <Directory /path/to/web_users>
> <IfModule sapi_apache2.c>
> php_admin_flag engine off
> </IfModule>
> <IfModule mod_php5.c>
> php_admin_flag engine off
> </IfModule>
> </Directory>
>
> <Directory "/path/to/httpdocs">
> AuthType Basic
> AuthName " "
> AuthUserFile /path/to/d..httpdocs
> Satisfy All
> require valid-user
> </Directory>
>
> # if I comment the below 3 lines, the above authentication
> works; with the three lines in place, I do not get the auth dialog.
> WSGIScriptAlias / /path/to/wsgi_handler.py
The auth stuff above needs to be on the directory the WSGI script file
is in. Since you have shown only example paths, can't tell for sure if
that is what you are doing. But with paths as shown, would need:
<Directory "/path/to">
AuthType Basic
AuthName " "
AuthUserFile /path/to/d..httpdocs
Satisfy All
require valid-user
</Directory>
That is, one directory above where you had it.
Graham
> WSGIDaemonProcess something user=apache group=apache processes=1
> threads=10
> WSGIProcessGroup something
>
> </VirtualHost>
>
>
>
> On Feb 3, 6:23 pm, Graham Dumpleton <[email protected]>
> wrote:
>> 2009/2/3 michaelg <[email protected]>:
>>
>>
>>
>>
>>
>> > I'm using mod_wsgi to serve a couple django sites on a WHM/cpanel
>> > server. I'd like to use basic auth to password protect the
>> > development server, but I'm having difficulty applying the
>> > instructions from this guide (http://code.google.com/p/modwsgi/wiki/
>> > AccessControlMechanisms). I'm guessing I need to enter the info in my
>> > vhost include file, which looks like this:
>>
>> > #/usr/local/apache/conf/userdata/std/2/account/dev.site.com/vhost.conf
>>
>> > <IfModule mod_alias.c>
>> > Alias /robots.txt /home/account/public_html/dev/site/media/robots.txt
>> > Alias /media /home/account/public_html/dev/site/media
>> > Alias /admin_media /home/account/public_html/dev/site/media/
>> > admin_media
>> > </IfModule>
>>
>> > <IfModule mod_wsgi.c>
>> > WSGIScriptAlias / /home/account/public_html/test.wsgi
>> > WSGIDaemonProcess nobody processes=2 threads=5 display-name=%{GROUP}
>> > WSGIProcessGroup nobody
>> > WSGIApplicationGroup %{GLOBAL}
>> > </IfModule>
>>
>> > Please show me how to setup basic auth for this development site.
>>
>> Which of the following are you wanting to do:
>>
>> 1. Have Apache handle HTTP Basic authentication, with reference to a
>> user database managed by Apache, such as htpasswd file? If this, see
>> Apache documentation:
>>
>> http://httpd.apache.org/docs/2.2/howto/auth.html
>>
>> See Apache 2.0 documentation of using older Apache as there are some
>> differences in some cases.
>>
>> 2. Have Apache handle HTTP Basic authentication, with Python code
>> provided through mod_wsgi hooks to allow user database checks to be
>> handled by your own custom code? If this, then covered by mod_wsgi
>> documentation you have already been looking at:
>>
>> http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms
>>
>> 3. Allow a WSGI application to handle the HTTP Basic authentication?
>> If this, then you just need to enable passing of authentication
>> headers to WSGI application using WSGIPassAuthentication directive.
>> See:
>>
>> http://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIPas...
>>
>> So, please clarify which you actually want, then I'll go and ask
>> questions about what you expect to see and what you are getting.
>>
>> Graham
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/modwsgi?hl=en
-~----------~----~----~----~------~----~------~--~---
