Ian Bicking wrote: > Some time ago I wrote this up as a proposal for the basic way > authentication can work in WSGI: > http://wsgi.org/wsgi/Specifications/simple_authentication > > I think most of the systems work pretty much like this, but I don't know > for sure. >
Ian, that's exactly what I want :-) And your specification is almost perfect. Some notes: 1. AuthKit authorization throws httpexception with code 401 That's why you should handle exception in authentication side before (matter of one line): app = HTTPExceptionHandler(app) Example middleware: http://hg.sandbox.lt/authform-middleware/file/2be2aba0a1b7/authform_middleware/authform.py 2. I think we should agree that user data if there is some data arriving with authentication should be put into REMOTE_USER_DATA env. variable. E.g. some SREG data comes with OpenID authentication and I put it into dict converted to string ('{"nickname": "dalius"}') and later eval it so it could be used. I'm not sure if data string must be agreed (e.g. nickname, locale and etc) or leave that for authentication plugin/middleware author to fix. 3. It might be possible that pylons will handle error 401 properly even without WWW-Authenticate header. Regards, Dalius --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
