On 29 April 2011 07:49, Massimo Di Pierro <[email protected]> wrote: > Hello Graham, > > I have been using this: > http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms > > specifically: > """ > Host Access Controls > The authentication provider and group authorisation features help to > control access based on the identity of a user. Using mod_wsgi 2.0 it > is also possible to limit access based on the machine which the client > is connecting from. The path to the script is defined using the > WSGIAccessScript directive. > > WSGIAccessScript /usr/local/wsgi/script/access.wsgi > > The name of the function that must exist in the script file is > 'allow_access()'. It must return True or False. > > def allow_access(environ, host): > return host in ['localhost', '::1'] > > The 'environ' dictionary passed as first argument is a cut down > version of what would be supplied to the actual WSGI application. This > includes the 'wsgi.errors' object for the purposes of logging error > messages associated with the request. > """ > > and I got surprised that environ does not contain HTTP headers. This > would be much more powerful if the allow_access function could look at > the actual HTTP headers of the request. > > Why is it this way? Is there any directive to include the headers?
They should be there as HTTP_???? variables just like in WSGI environment. Use pprint.pprint() to dump out 'environ' to log file and then post what you are getting. Graham -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
