[Web-SIG] Communicating authenticated user information
Phillip J. Eby
pje at telecommunity.com
Tue Jan 24 17:33:56 CET 2006
At 10:15 PM 1/23/2006 -0500, Clark C. Evans wrote:
>On Mon, Jan 23, 2006 at 04:15:06PM -0500, Phillip J. Eby wrote:
>| At 03:36 PM 1/23/2006 -0500, Stephan Richter wrote:
>| > Specify a new environment variable called 'wsgi.user' (or something
>| > similar) that is a mutable and can be written several times. Only
>| > the last write (before the output is sent) is important. By default
>| > the variable is set to ``None`` for not set.
>Why not ``wsgi.context`` or something like that which defaults to
>an empty dictionary. Then you can put what ever you want in it;
>``wsgi.user`` just seems to be a bit too specific.
We want to be specific, as it wouldn't be a very good specific-ation
>| I'd suggest a callable under 'wsgi.log_username', that takes one
>I think this is way too specific; it doesn't address the general
>problem: how do you pass information back up the middleware stack.
There is no "general problem" which anyone is trying to solve. The use
case requested by Jim and Stephan is quite specific.
>| It should be specified whether it requires ASCII or Unicode.
>Why cannot it just accept a Python string? You can always check
>if it is Unicode or not.
I'm pointing out that the use case under consideration isn't specific
*enough* yet. Do people's log files support unicode? Do the
authentication systems? This hasn't been made clear, and it should be.
More information about the Web-SIG