Hi,
I'm using django 1.2 behind Apache 2.2.x, and authenticating with
mod_python PythonAuthenHandler.
My purpose is to call a view function from a non-human authorized HTTP
client.
Hence, I would like to use both the @csrf_exempt and the
@user_passes_test decorators together.
However, there seems to be a problem with obtaining the user identify
when @csrf_exempt is used.
The following scenario works fine without the @csrf_exempt decorator:
1. Use Firefox to access the web application. As expected, Apache
requires a username and password.
2. Enter a valid username and password
3. Have the view function print request.username. The correct username
is printed.
Now I add the @csrf_exempt decorator, clear the Firefox user/password
cache and repeat the same steps.
But this time a wrong user object is received: AnonymousUser.
Is this by design and I'm just missing something? Or is this a bug?
Any suggested workarounds?
Thanks!
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
