This issue has been address in mod_wsgi 4.0 trunk in source code repository if you can check that it now works as required.
Graham On 28 October 2011 09:43, Graham Dumpleton <[email protected]> wrote: > Here is the reason. > > For daemon mode, partially out of convenience as could reuse some > routines provided by Apache, the format of the response on the socket > returned from daemon process to Apache child process is the same as > that which would be returned by a CGI script. The code then uses an > existing function in Apache to parse that CGI type response and back > fill it into the Apache request structure. In doing that the code has: > > /* The HTTP specification says that it is legal to merge duplicate > * headers into one. Some browsers that support Cookies don't like > * merged headers and prefer that each Set-Cookie header is sent > * separately. Lets humour those browsers by not merging. > * Oh what a pain it is. > */ > > So, it is mindful of joining headers, but only for the Cookie case. > > Normally the WWW-Authenticate case wouldn't be a problem because the > original Authorization header can never be passed to a CGI script and > it wouldn't be able to handle authorisation and so generate > WWW-Authenticate. > > To fix it would mean making a copy of the existing function in Apache > I am using and never have it merge headers. This is probably doable > and would simplify things. There are extra protections in that > function around squashing duplicates of other response headers as > well, however that might also being done on daemon mode side anyway so > may not be a problem. Duplicating the function would also mean that > can generate more specific errors messages related to mod_wsgi when > timeout occurs rather than the current cryptic CGI heritage message. > > Can you create a ticket on the mod_wsgi issue tracker with information > from these posts? > > I am busy coming up to a GA release of product at work at the moment, > but after that intend to come back to do some work on mod_wsgi and try > and get a 4.0 release out with some new features specifically related > to product doing at work. > > So sorry, not sure I have a quick solution right now. Don't know if > mod_headers is flexible enough to allow you to effectively split a > response header into two. > > http://httpd.apache.org/docs/current/mod/mod_headers.html > > It may be possible using some convoluted sequence of directives. > > Not sure that mod_rewrite is of any help as don't think it works on responses. > > Graham > > On 28 October 2011 09:02, Mark Nevill <[email protected]> wrote: >> Hi >> >> On 27 October 2011 23:38, Graham Dumpleton <[email protected]> >> wrote: >>> Can you verify this is only the case for mod_wsgi daemon mode. >> >> Confirmed. Following responses were generated with identical code but >> toggling of a "WSGIProcessGroup wsgidev" directive: >> >> [begin] >> $ curl --include [...]/test.wsgi/auth >> HTTP/1.1 401 Unauthorized >> Date: Thu, 27 Oct 2011 21:58:19 GMT >> Server: Apache/2.2.16 (Debian) >> WWW-Authenticate: Negotiate, Basic realm="Internal Area" >> Content-Length: 43 >> Vary: Accept-Encoding >> Content-Type: text/plain >> >> DAEMON MODE: process_group=wsgidev >> [end] >> >> vs >> >> [begin] >> $ curl --include [...]/test.wsgi/auth >> HTTP/1.1 401 Unauthorized >> Date: Thu, 27 Oct 2011 21:58:51 GMT >> Server: Apache/2.2.16 (Debian) >> WWW-Authenticate: Negotiate >> WWW-Authenticate: Basic realm="Internal Area" >> Content-Length: 40 >> Vary: Accept-Encoding >> Content-Type: text/plain >> >> EMBEDDED MODE: no process_group >> [end] >> >> Regards, >> Mark >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/modwsgi?hl=en. >> >> > -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
