Summary: I should be sending "AUTHORIZATION" instead of "HTTP_AUTHORIZATION" as the http header?
Ok, so after playing around, I think the problem is with my test program, and also with my incorrect/incomplete understanding of HTTP header names. These http headers show up fine: A -> HTTP_A FAKE -> HTTP_FAKE PAGE-TYPE -> HTTP_PAGE_TYPE However, these do not show up at all: A_ HTTP_FAKE PAGE_TYPE So apache filters out all names with underscores. It also prepends HTTP_, and converts _ to -, which I knew. I think the problem is that I'm sending "HTTP_AUTHORIZATION", which gets filtered out. However, if I send an "AUTHORIZATION" header, it gets turned into "HTTP_AUTHORIZATION" due to apache name mangling and then shows up fine with "WSGIPassAuthorization On". I've been focusing too much on "HTTP_AUTHORIZATION" to realize that that's just the mangled version of the AUTHORIZATION header. Does that make sense, or am I short-circuiting here? So if this is truly the case, then I'm being stupid; WSGIPassAuthorization worked just fine, it was my test program that was incorrect. I'll try this with Google Checkout, and see if that works as well. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
