On Monday, October 15, 2012 8:22:55 AM UTC+5:30, Graham Dumpleton wrote: > > The restriction on what mod_wsgi WSGIUserAuthScript does is because it > is implementing an Apache authentication provider and not a full > Apache handler. As such it isn't possible to override the status. That > is because of how Apache authentication providers work and not > mod_wsgi. The WSGIAccessScript is principally to do the equivalent of > 'All from host' so all it can do is signal whether forbidden or not. > > Anyway, post your existing mod_python access handler and may be able > to suggest something. If you were using an access handler to do > authentication you were technically abusing Apache in ways you > shouldn't. So not sure if will though have an answer. > > What I am looking for is to get hold of access_checker phase of apache. See http://ci.apache.org/projects/httpd/trunk/doxygen/group__hooks.html
It that possible using mod_wsgi? Thanks and Regards Noorul > Graham > > On 15 October 2012 12:38, Noorul Islam Kamal Malmiyoda > <[email protected] <javascript:>> wrote: > > Hello all, > > > > In my current mod_python setup I have configured to serve some static > files. > > See below snippet from httpd.conf > > > > Alias /files /path/to/static/files/folder > > > > <Location /files> > > DirectoryIndex .files_index.html > > AuthType Basic > > AuthName "Library" > > PythonPath "sys.path + ...." > > PythonAccessHandler modpython_fileauth > > PythonDebug Off > > FileETag None > > Header unset ETag > > Header set Cache-Control "max-age=0, private" > > Header set Expires "0" > > </Location> > > > > But these files can only be accessed by users based on some conditions. > And > > these conditions are coded in modpython_fileauth. User can only see the > > Basic Auth pop-up based on some conditions because some of the paths > based > > on several other conditions does not require authentication. This is > > achieved using req.get_basic_auth_pw() in mod_python. I am struggling to > > port this to mod_wsgi. > > > > As far as I know, it looks like mod_wsgi has two directives > > WSGIUserAuthScript and WSGIAccessScript. But these two have > restrictions. > > From the corresponding python functions I am not able to request for > Basic > > Auth from browser. Yes, I can send 401 from application because it has > > start_response, but that is not possible from these methods because it > is > > expecting to return True or False. And in the case of WSGIUserAuthScript > the > > corresponding method is not called if "Require valid-user" is not set. I > > think it is not ideal to do something like this using wsgi application > as I > > want Apache to serve all my files and python to do some validation > before > > that. > > > > It will be helpful if those who encountered something similar could > share > > their thoughts on this. > > > > Thanks and Regards > > Noorul > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "modwsgi" group. > > To view this discussion on the web visit > > https://groups.google.com/d/msg/modwsgi/-/qLCR91QL1x0J. > > To post to this group, send email to [email protected]<javascript:>. > > > To unsubscribe from this group, send email to > > [email protected] <javascript:>. > > For more options, visit this group at > > http://groups.google.com/group/modwsgi?hl=en. > -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To view this discussion on the web visit https://groups.google.com/d/msg/modwsgi/-/zWQHSissBzIJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
