mod_python and authentication
Rajarshi Guha
rajarshi at presidency.com
Fri Sep 20 14:53:07 EDT 2002
Hi,
when I want to use the Publisher method from mod_python I set up the
directory entry (in http.conf) like so:
SetHandler python-program
PythonHandler mod_python.publisher
However, I would like to add authentication. So I add the lines:
PythonAuthenHandler entry
AuthType Basic
AuthName "DANGER!!!"
And then have a file called entry.py which has the function
authenhandler, the username and passwd dialog popup from the browser, but
after it authenticates it says that
Directory index forbidden by rule: /var/www/secured/todo/
Ideally I would like the authenhandler to serve up a page (say by using
abc.xyz.com:/form.py/details ).
I have also tried this: before returning apache.OK I simply
write the HTML using req.write(). However then I get the error:
Directory index forbidden by rule: /var/www/secured/todo/
in the logfile. But I also get the page rendered along with the error
message at the bottom of the page.
Is this the right way to do it? Or is this possible using the Publisher
method - if so, what prevents a user from simply typing the url and
bypassing the authentication function?
Thanks,
More information about the Python-list
mailing list