On 10/18/2011 02:58 PM, Petr Blahos wrote:
> Hi all, 
> I came across a strange problem, when my Python app using
> repoze.who works on Apache and mod_wsgi but stops working
> when running on Apache mod_uwsgi --> uwsgi. (by not working
> I mean that repoze.who seemed to be completely by-passed).
> Which I later realized was caused by a condition in repoze.who
> middleware:
>        if self.remote_user_key in environ:
>            # act as a pass through if REMOTE_USER (or whatever) is
>            # already set
>            return self.app(environ, start_response)
> and the fact that mod_uwsgi always sets REMOTE_USER.
> When asking on uWSGI list I got this response:
> http://lists.unbit.it/pipermail/uwsgi/2011-October/002780.html
> so I am asking here if there are any thoughts on this?

Stuffing REMOTE_USER into the request willy-nilly may be allowed by the
spec, but it is stupid.  Section 4.1 of that RFC says:

  An optional meta-variable may be omitted (left unset) if its value
  is NULL.

Nevertheless, I would be willing to merge a pull request which bypassed
the bypass if the value was empty.  Such a patch should also include a
test showing the new behavior.

Tres Seaver          +1 540-429-0999          tsea...@palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
Repoze-dev mailing list

Reply via email to