I've got Apache serving multiple django web apps via virtual hosts.
For one of those hosts, I have "WSGIPassAuthorization On". However,
the django app does not have HTTP_AUTHORIZATION or
HTTP_HTTP_AUTHORIZATION in the request.META headers. If I run the app
with the django "manage.py runserver", then I see the header just
fine.
I'm using Apache 2.2 with mod_wsgi 3.1. I use hostname-based virtual
hosts. I used to have this working on another server by simply using
"WSGIPassAuthorization On" in the httpd.conf file, but I've changed
setup and now I can't figure out why it's not working.
Here is my httpd.conf:
ServerRoot "/path/to/apache2"
Listen 12345
LoadModule log_config_module modules/mod_log_config.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authn_default_module modules/mod_authn_default.so
#LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule mime_module modules/mod_mime.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule wsgi_module modules/mod_wsgi.so
ServerAdmin admin@(removed).com
#DocumentRoot "/path/to/apache2/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# Logging
ErrorLog "logs/error_log"
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i
\"" combined
CustomLog "logs/access_log" combined
# Virtual Hosting Setup
ServerLimit 1
MinSpareThreads 1
MaxSpareThreads 5
ThreadsPerChild 10
<Directory /path/to/wsgi>
Order allow,deny
Allow from all
</Directory>
NameVirtualHost *:12345
# Virtual Hosts
<VirtualHost *:12345>
ServerName (domain1).com
KeepAlive Off
WSGIDaemonProcess (domain1).com processes=1 threads=20
inactivity-
timeout=60 display-name=[wsgi-scriptshare]httpd
WSGIProcessGroup (domain1).com
WSGIScriptAlias / /path/to/wsgi/scriptshare.wsgi
</VirtualHost>
<VirtualHost *:12345>
ServerName (domain2).com
ServerAlias www.(domain2).com
KeepAlive Off
WSGIDaemonProcess (domain2).com processes=1 threads=10
inactivity-
timeout=60 display-name=[wsgi-everythingri]httpd
WSGIProcessGroup (domain2).com
WSGIScriptAlias / /path/to/wsgi/everythingri.wsgi
</VirtualHost>
<VirtualHost *:12345>
ServerName (domain3).com
KeepAlive Off
# THIS SHOULD PASS HTTP_AUTHORIZATION TO DJANGO...
WSGIPassAuthorization On
WSGIDaemonProcess (domain3).com processes=1 threads=10
inactivity-
timeout=60 display-name=[wsgi-dev-seemonkey]httpd
WSGIProcessGroup (domain3).com
WSGIScriptAlias / /path/to/wsgi/seemonkey.wsgi
</VirtualHost>
I run this test program:
import urllib
import urllib2
url = '(removed)'
print 'URL: %s' % url
headers = {
'HTTP_AUTHORIZATION': '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
HTTP_AUTHORIZATION',
'FAKE': '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! FAKE',
}
print 'headers: %s' % headers
print 'Results:'
#print 'sending headers: %s' % headers
req = urllib2.Request(url, headers=headers)
try:
url1 = urllib2.urlopen(req)
except Exception, e:
print 'Exception:'
print e
else:
response = url1.read()
print 'response:'
print '----------------------------------------'
print response
print '----------------------------------------'
print ''
For "manage.py runserver", I get this result:
URL: (django runserver url)
headers: {'HTTP_AUTHORIZATION':
'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! HTTP_AUTHORIZATION', 'FAKE':
'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! FAKE'}
Results:
response:
----------------------------------------
request.META[wsgi.version]: (1, 0)
request.META[wsgi.multiprocess]: False
request.META[RUN_MAIN]: 'true'
request.META[SERVER_PROTOCOL]: 'HTTP/1.1'
request.META[SERVER_SOFTWARE]: 'WSGIServer/0.1 Python/2.5.4'
request.META[SCRIPT_NAME]: u''
request.META[REQUEST_METHOD]: 'GET'
request.META[PROCESSOR_REVISION]: '0f0b'
request.META[QUERY_STRING]: ''
request.META[HTTP_HTTP_AUTHORIZATION]:
'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! HTTP_AUTHORIZATION'
request.META[wsgi.errors]: <open file '<stderr>', mode 'w' at
0x00A400B0>
request.META[CONTENT_LENGTH]: ''
request.META[HTTP_CONNECTION]: 'close'
request.META[REMOTE_HOST]: ''
request.META[REMOTE_ADDR]: '127.0.0.1'
request.META[SERVER_PORT]: '10002'
request.META[SESSIONNAME]: 'Console'
request.META[PROCESSOR_LEVEL]: '6'
request.META[HTTP_FAKE]: '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
FAKE'
request.META[USERNAME]: '(username)'
request.META[wsgi.input]: <socket._fileobject object at 0x018B76B0>
request.META[HTTP_USER_AGENT]: 'Python-urllib/2.5'
request.META[HTTP_HOST]: 'localhost:10002'
request.META[wsgi.multithread]: True
request.META[PATHEXT]:
'.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH'
request.META[PATH_INFO]: u'/(page_url)'
request.META[SERVER_NAME]: '(server name)'
request.META[GATEWAY_INTERFACE]: 'CGI/1.1'
request.META[wsgi.run_once]: False
request.META[DJANGO_SETTINGS_MODULE]: '(django app name).settings'
request.META[CONTENT_TYPE]: 'text/plain'
request.META[wsgi.file_wrapper]: <class
'django.core.servers.basehttp.FileWrapper'>
request.META[OS]: 'Windows_NT'
request.META[HTTP_ACCEPT_ENCODING]: 'identity'
request.META[wsgi.url_scheme]: 'http'
request.META.get('HTTP_AUTHORIZATION', None): None
request.META.get('HTTP_HTTP_AUTHORIZATION', None):
'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! HTTP_AUTHORIZATION'
----------------------------------------
The HTTP_HTTP_AUTHORIZATION shows up just fine.
But with the apache server, I get these results:
URL: (apache url)
headers: {'HTTP_AUTHORIZATION':
'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! HTTP_AUTHORIZATION', 'FAKE':
'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! FAKE'}
Results:
response:
----------------------------------------
request.META[mod_wsgi.reload_mechanism]: '1'
request.META[mod_wsgi.listener_port]: '29019'
request.META[SERVER_SOFTWARE]: 'Apache/2.2.14 (Unix) mod_wsgi/2.5
Python/2.5.4'
request.META[SCRIPT_NAME]: u''
request.META[SERVER_SIGNATURE]: ''
request.META[REQUEST_METHOD]: 'GET'
request.META[PATH_INFO]: u'/(page url)'
request.META[SERVER_PROTOCOL]: 'HTTP/1.0'
request.META[QUERY_STRING]: ''
request.META[HTTP_USER_AGENT]: 'Python-urllib/2.5'
request.META[HTTP_CONNECTION]: 'close'
request.META[SERVER_NAME]: '(server name)'
request.META[REMOTE_ADDR]: '127.0.0.1'
request.META[wsgi.url_scheme]: 'http'
request.META[SERVER_PORT]: '80'
request.META[wsgi.multiprocess]: True
request.META[HTTP_FAKE]: '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
FAKE'
request.META[SERVER_ADDR]: '127.0.0.1'
request.META[mod_wsgi.process_group]: '(removed)'
request.META[SCRIPT_FILENAME]: '(removed).wsgi'
request.META[SERVER_ADMIN]: '(removed)'
request.META[wsgi.input]: <mod_wsgi.Input object at 0xb03b8f48>
request.META[HTTP_HOST]: '(removed)'
request.META[wsgi.multithread]: True
request.META[mod_wsgi.callable_object]: 'application'
request.META[REQUEST_URI]: '/(removed)'
request.META[wsgi.version]: (1, 0)
request.META[GATEWAY_INTERFACE]: 'CGI/1.1'
request.META[HTTP_X_FORWARDED_FOR]: '(removed)'
request.META[wsgi.errors]: <mod_wsgi.Log object at 0xa348338>
request.META[REMOTE_PORT]: '51174'
request.META[mod_wsgi.listener_host]: ''
request.META[mod_wsgi.version]: (2, 5)
request.META[wsgi.run_once]: False
request.META[mod_wsgi.application_group]: '(removed)|'
request.META[mod_wsgi.script_reloading]: '1'
request.META[wsgi.file_wrapper]: <built-in method file_wrapper of
mod_wsgi.Adapter object at 0xa268c80>
request.META[HTTP_ACCEPT_ENCODING]: 'identity'
request.META.get('HTTP_AUTHORIZATION', None): None
request.META.get('HTTP_HTTP_AUTHORIZATION', None): None
----------------------------------------
The "FAKE" http header shows up as "HTTP_FAKE", but the
"HTTP_AUTHORIZATION" header doesn't show up at all. It's being
filtered out, which is what you'd expect if the WSGIPassAuthorization
was Off. I've restarted the server a ton, played with the http.conf,
and I'm stuck.
What other steps can I try to troubleshoot this? My host is
webfaction, which runs Apache behind an nginx proxy frontend. I'm not
sure if that makes a difference. I've been using this fine on another
machine, but recently switched machines, then recompiled apache, and
now it doesn't work. Something's wrong, but I'm out of ideas of where
to look.
Thanks so much for any help!
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/modwsgi?hl=en.
