Hi all,

is there someone, who uses RB 1.5 with X.509 auth, Django 1.2.x (not sure
whether that makes any difference) and mod_python?

After thinking a while about the issue I assume that it is also present with
the stock X.509 auth middleware.

On 12 Oct 2010 17:12, "Thilo-Alexander Ginkel" <th...@ginkel.com> wrote:
> On Mon, Oct 11, 2010 at 19:02, Thilo-Alexander Ginkel <th...@ginkel.com>
>> ACK. I have set up a test installation based on production data and
>> will play around with it a little over the next days to pinpoint what
>> exactly went wrong.
> After some further investigation it seems that mod_python seems to
> recycle request objects, which causes
> X509AuthMiddleware.process_request to be invoked with a request, which
> has a non-anonymous user. This isn't a big deal as long as all
> requests come in with a X509_USERNAME_FIELD in the environment.
> However, requests that do not use X.509 authentication will most
> likely just inherit the user that is already attached to the request.
> I'd appreciate some feedback if that makes any sense and if this
> pre-population of the request with an old user identity is intentional
> or a defect in some other component.
> Regards,
> Thilo

Want to help the Review Board project? Donate today at 
Happy user? Let us know at http://www.reviewboard.org/users/
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to