On 23/03/2009, at 11:33 PM, gguu wrote:
>
> I want to achieve Authentication in some pylons Controllers
>
> I know there is Authkit and other stuff around , but nothing seems to
> be a s simple as I need it.
> When using simpleservers I just do: self.send_response(401,
> 'UNAUTHORIZED'); self.send_header('WWW-Authenticate', 'Basic
> realm=""')
> then catching the headers and comparing it with a Base64 encoded auth
> string.
>
> How Can I do this with pylons?
>
> I did:
>
> response.headers.clear()
> response.headers = {'WWW-Authenticate': 'Basic realm="test"'}
> response.status = 401;
> return
>
> When I watch the headers its sending my headers, but afterwards also
> some other headers, which break everything.
>
>
> How Can I just create a middleware, which inserts my headers, when
> calling it from any controller, and doing basic authentication then?
I highly recommend using the repoze.who middleware, it handles all
this for you. See http://tinyurl.com/6hs4qp
However, doing it manually is certainly straight forward. You are
probably hitting the StatusCodeRedirect middleware which hijacks your
401 response and replaces it with a "friendly" error page. You have
to signal StatusCodeRedirect to ignore your error by setting the
'pylons.status_code_redirect' environment variable to True.
This simple example should do what you want:
def index(self):
request.environ['pylons.status_code_redirect'] = True
response.headers['WWW-Authenticate'] = 'Basic realm="test"'
abort(401)
return 'Hello World'
Note that it is recommended to use abort() to return your error. And
you shouldn't need to clear the response headers.
Cheers,
Chris
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---