[Moin-user] Re: Basic HTTP Auth under Twisted/Moin

Thomas Waldmann tw-public at gmx.de
Wed Mar 23 04:47:09 EST 2005

Hi Tom,

the twisted stuff is still missing some pieces of code for http basic auth.

Make sure you run 1.3.4 (or current arch checkout) before proceeding.

What's missing is that the twisted stuff in request.py checks the 
password - see the comments there.

This is different from apache. When apache gives you the basic auth 
username, it already HAS checked the password and it was valid. You can 
get both username and password from twisted, but you have to check on 
your own (see enc_password in user account).

Be aware that this might not be trivial to implement, because of the 
order the request and user objects are created.



More information about the Moin-user mailing list