On Feb 18, 8:58 am, Ed Singleton <[email protected]> wrote:
> On 6 Feb 2009, at 08:32, Armin Ronacher wrote:
>
> > I strongly recommend against serving static files from Python for
> > production sites.  Configuring Apache to serve static files in a folder
> > is a one-liner and it shouldn't be much harder for other servers.
>
> Out of interest, do you have a recommendation for applying application
> security to file downloads when serving through Apache?  For example  
> making sure that only a certain user or group of users can download a  
> file?
>
> I agree with the general principle of serving static content through  
> Apache, but I haven't found a good solution for when you have  
> application security set up (users in a database etc) and need to  
> restrict files.

How easy that is depends on the authentication mechanism used.

If you are using Apache to perform HTTP Basic or Digest authentication for
you, possibly with Python code serving as auth provider (if using
mod_wsgi), then you can use standard Apache authorisation mechanisms
to define the restrictions.

The hard one is where you are using a form/session based login
mechanism. This is because this is handled in the application after
Apache's authentication/authorisation phases. What would be required
for that to work is an SSO mechanism that can be applied at Apache
level. Such a mechanism will be available in Apache in 2.4.

Now, there is an outside chance that the authnz hooks in mod_wsgi may
be able to be used, but it really depends on how you are handling
authentication, so perhaps explain how you are managing that.

FWIW, the auth provider hooks that mod_wsgi supports are described in:

  http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms

Graham
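
The first case described in the message above (Apache performing HTTP Basic authentication, with Python code as the auth provider under mod_wsgi), sketched as an added example that is not part of the original message or of mod_wsgi itself. The user records, group names, script path and the PBKDF2 password hashing are assumptions; `check_password` and `groups_for_user` are the hook names mod_wsgi calls.

```python
# Added example: auth provider script for mod_wsgi (constructed data).
# Assumed Apache 2.2-style configuration for the protected download folder
# (paths and the group name are placeholders):
#   AuthType Basic
#   AuthName "Downloads"
#   AuthBasicProvider wsgi
#   WSGIAuthUserScript /path/to/auth.wsgi
#   WSGIAuthGroupScript /path/to/auth.wsgi
#   Require group reports
import hashlib
import hmac

ITERATIONS = 100000  # assumed work factor for this sketch


def _hash(password, salt):
    """Derive a password hash; stands in for whatever the application uses."""
    if isinstance(password, str):
        password = password.encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)


# Constructed records standing in for the application's user table.
_USERS = {
    "alice": {"salt": b"constructed-salt-a", "groups": ["reports", "staff"]},
    "bob": {"salt": b"constructed-salt-b", "groups": ["staff"]},
}
_USERS["alice"]["hash"] = _hash("correct horse", _USERS["alice"]["salt"])
_USERS["bob"]["hash"] = _hash("battery staple", _USERS["bob"]["salt"])


def check_password(environ, user, password):
    """Return True or False for a known user, None when the user is unknown
    (None lets Apache fall through to any other configured provider)."""
    record = _USERS.get(user)
    if record is None:
        return None
    candidate = _hash(password, record["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, record["hash"])


def groups_for_user(environ, user):
    """Return the groups Apache's 'Require group' directive is checked against."""
    record = _USERS.get(user)
    return list(record["groups"]) if record else []
```

With this in place Apache serves the files itself and only consults the Python code for the credential and group decision, so "alice" passes `Require group reports` while "bob" authenticates but is refused.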