At 11:22 AM 1/22/2006 -0500, Jim Fulton wrote: >Typically, web servers provide access logs that include a label >for the authenticated user. > >Often, WSGI applications (or middleware) provide their own user >authentication facilities. Well, Zope does. :) > >There doesn't seem to be a standard way for WSGI applications or >middleware to communicate the information necessary for a server >to log the authenticated user back to the server. > >Am I missing something? How do other people handle this? > >Is Zope the only WSGI application that performs authentication >itself?
I think Zope is the only WSGI application that cares about communicating this information back to the web server's logs. :) Or at least, the only one whose author has said so. :) Perhaps an "X-Authenticated-User: foo" header could be added in a future spec version? (And as an optional feature in the current PEP.) This seems a simpler way to incorporate the feature than adding an extension API to environ. _______________________________________________ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
