It is not possible to do what you want in mod_wsgi as it doesn't aim to provide a full on mechanism of writing arbitrary Apache handlers for the different Apache phases.
For anything related to login and session management, suggest you look at: http://www.openfusion.com.au/labs/mod_auth_tkt/ or if using Apache 2.4, the new mod_session module. Also learn any necessary Apache configuration mechanism such as mod_headers, mod_rewrite etc, so as to be able to do this sort of thing in Apache itself in some way in conjunction with mod_session or mod_auth_kit. Graham On 18 October 2012 12:50, Noorul Islam Kamal Malmiyoda <[email protected]> wrote: > On Monday, October 15, 2012 8:22:55 AM UTC+5:30, Graham Dumpleton wrote: >> >> The restriction on what mod_wsgi WSGIUserAuthScript does is because it >> is implementing an Apache authentication provider and not a full >> Apache handler. As such it isn't possible to override the status. That >> is because of how Apache authentication providers work and not >> mod_wsgi. The WSGIAccessScript is principally to do the equivalent of >> 'All from host' so all it can do is signal whether forbidden or not. >> >> Anyway, post your existing mod_python access handler and may be able >> to suggest something. If you were using an access handler to do >> authentication you were technically abusing Apache in ways you >> shouldn't. So not sure if will though have an answer. >> > > What I am looking for is to get hold of access_checker phase of apache. See > http://ci.apache.org/projects/httpd/trunk/doxygen/group__hooks.html > > It that possible using mod_wsgi? > > Thanks and Regards > Noorul > >> >> Graham >> >> On 15 October 2012 12:38, Noorul Islam Kamal Malmiyoda >> <[email protected]> wrote: >> > Hello all, >> > >> > In my current mod_python setup I have configured to serve some static >> > files. >> > See below snippet from httpd.conf >> > >> > Alias /files /path/to/static/files/folder >> > >> > <Location /files> >> > DirectoryIndex .files_index.html >> > AuthType Basic >> > AuthName "Library" >> > PythonPath "sys.path + ...." >> > PythonAccessHandler modpython_fileauth >> > PythonDebug Off >> > FileETag None >> > Header unset ETag >> > Header set Cache-Control "max-age=0, private" >> > Header set Expires "0" >> > </Location> >> > >> > But these files can only be accessed by users based on some conditions. >> > And >> > these conditions are coded in modpython_fileauth. User can only see the >> > Basic Auth pop-up based on some conditions because some of the paths >> > based >> > on several other conditions does not require authentication. This is >> > achieved using req.get_basic_auth_pw() in mod_python. I am struggling to >> > port this to mod_wsgi. >> > >> > As far as I know, it looks like mod_wsgi has two directives >> > WSGIUserAuthScript and WSGIAccessScript. But these two have >> > restrictions. >> > From the corresponding python functions I am not able to request for >> > Basic >> > Auth from browser. Yes, I can send 401 from application because it has >> > start_response, but that is not possible from these methods because it >> > is >> > expecting to return True or False. And in the case of WSGIUserAuthScript >> > the >> > corresponding method is not called if "Require valid-user" is not set. I >> > think it is not ideal to do something like this using wsgi application >> > as I >> > want Apache to serve all my files and python to do some validation >> > before >> > that. >> > >> > It will be helpful if those who encountered something similar could >> > share >> > their thoughts on this. >> > >> > Thanks and Regards >> > Noorul >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "modwsgi" group. >> > To view this discussion on the web visit >> > https://groups.google.com/d/msg/modwsgi/-/qLCR91QL1x0J. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group at >> > http://groups.google.com/group/modwsgi?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/modwsgi/-/zWQHSissBzIJ. > > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/modwsgi?hl=en. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
