The restriction on what mod_wsgi WSGIUserAuthScript does is because it is implementing an Apache authentication provider and not a full Apache handler. As such it isn't possible to override the status. That is because of how Apache authentication providers work and not mod_wsgi. The WSGIAccessScript is principally to do the equivalent of 'All from host' so all it can do is signal whether forbidden or not.
Anyway, post your existing mod_python access handler and may be able to suggest something. If you were using an access handler to do authentication you were technically abusing Apache in ways you shouldn't. So not sure if will though have an answer. Graham On 15 October 2012 12:38, Noorul Islam Kamal Malmiyoda <[email protected]> wrote: > Hello all, > > In my current mod_python setup I have configured to serve some static files. > See below snippet from httpd.conf > > Alias /files /path/to/static/files/folder > > <Location /files> > DirectoryIndex .files_index.html > AuthType Basic > AuthName "Library" > PythonPath "sys.path + ...." > PythonAccessHandler modpython_fileauth > PythonDebug Off > FileETag None > Header unset ETag > Header set Cache-Control "max-age=0, private" > Header set Expires "0" > </Location> > > But these files can only be accessed by users based on some conditions. And > these conditions are coded in modpython_fileauth. User can only see the > Basic Auth pop-up based on some conditions because some of the paths based > on several other conditions does not require authentication. This is > achieved using req.get_basic_auth_pw() in mod_python. I am struggling to > port this to mod_wsgi. > > As far as I know, it looks like mod_wsgi has two directives > WSGIUserAuthScript and WSGIAccessScript. But these two have restrictions. > From the corresponding python functions I am not able to request for Basic > Auth from browser. Yes, I can send 401 from application because it has > start_response, but that is not possible from these methods because it is > expecting to return True or False. And in the case of WSGIUserAuthScript the > corresponding method is not called if "Require valid-user" is not set. I > think it is not ideal to do something like this using wsgi application as I > want Apache to serve all my files and python to do some validation before > that. > > It will be helpful if those who encountered something similar could share > their thoughts on this. > > Thanks and Regards > Noorul > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/modwsgi/-/qLCR91QL1x0J. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/modwsgi?hl=en. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
