> On 27 Oct 2017, at 10:29 am, Mohammad Hashemian <m.hashem...@gmail.com> wrote: > > Thanks a lot, Graham. Very helpful. I actually could make it work. As you > said, I added this to my httpd.conf: > > <Location /dashboard/kibana> > AuthType Form > AuthFormProvider wsgi > AuthName "test" > ErrorDocument 401 /rel/path/to/httdp_signin/signin.html > WSGIAuthUserScript /path/to/wsgi/wsgi.py > WSGIAuthGroupScript /path/to/wsgi/wsgi.py > <RequireAll> > Require wsgi-group myGroup > Require valid-user > </RequireAll> > Session On > SessionCookieName httpdsessionid path=/ > </Location> > > > Now how it works is like this: > > 1. User is logged in Django app and clicks to access the second app (in this > case, Kibana) > 2. Kibana is protected by Apache's authentication, and user is not > authenticated with Apache, so error 401 will navigate the user to the > signin.html page > 3. User has to enter username/password again (not ideal but a lot better than > alternatives I've found so far)
That sounds like you are still relying on Django form login. As I understand it, what you need to do is disable Django forms login and for Django access they should also use the Apache form login. When a request then passes through to Django, you should be having Django trust REMOTE_USER and use that to establish the login session information from Django. There is some details of doing it in: https://docs.djangoproject.com/en/1.11/howto/auth-remote-user/ <https://docs.djangoproject.com/en/1.11/howto/auth-remote-user/> > 4. A new session/cookie is created for the user, which as you said, is > different than the session user had with Django. > 5. Now the user can navigate to Kibana > > This is now working, but I don't know much about embedded vs. daemon mode, > unfortunately. I will have to read a bit about those and make sure that > setting is also done correctly. > > Thanks again for your time, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to modwsgi+unsubscr...@googlegroups.com > <mailto:modwsgi+unsubscr...@googlegroups.com>. > To post to this group, send email to modwsgi@googlegroups.com > <mailto:modwsgi@googlegroups.com>. > Visit this group at https://groups.google.com/group/modwsgi > <https://groups.google.com/group/modwsgi>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to modwsgi+unsubscr...@googlegroups.com. To post to this group, send email to modwsgi@googlegroups.com. Visit this group at https://groups.google.com/group/modwsgi. For more options, visit https://groups.google.com/d/optout.