hi gustavo, friends,
it should be simpler than it shows. it's a function call on an accessible object: server.ssl_context. thus all i miss is the server object, and i'm asking on this list as tg developers know where they invoke the server. my action should take place after the server is up, but before any request. alex On Wed, Apr 29, 2009 at 19:13, Gustavo Narea <[email protected]> wrote:
Hello, Alex! On Wednesday April 29, 2009 17:32:36 [email protected] wrote:thanks a lot gustavo. i were far away from this source of information. but this should help if i want to authenticate the client in apache, and i wanted to do this in paste SecureHTTPServer. the way to go with the underlying pyopenssl is setting a callback function that will be called for each certificate the client has. when the relevant match occurs, the client's certificate userid will just be looked up in the users' table, and the password shoud not be checked. that's why i wanted to be able to set the verify callback function on the server.ssl_context, at some early point before the first request, like config.app_cfg.py.That's another story! ;-) You're looking for authentication at the server level, but repoze.who is WSGI middleware -- this is, it's run by the server (so you can't use it before the server). It's not possible to use repoze.who here. If I were you, I'd try the Paste mailing list, since you're trying to add X.509 authentication to their server. Good luck! -- Gustavo Narea <xri://=Gustavo>. | Tech blog: =Gustavo/(+blog)/tech ~ About me: =Gustavo/about | --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
-- alex
smime.p7s
Description: S/MIME Cryptographic Signature
