[Python-checkins] CVS: python/nondist/peps pep-0268.txt,1.3,1.4

Greg Stein gstein@users.sourceforge.net
Tue, 21 Aug 2001 13:20:24 -0700 

Update of /cvsroot/python/python/nondist/peps
In directory usw-pr-cvs1:/tmp/cvs-serv26437

Modified Files:
	pep-0268.txt 
Log Message:
Complete the authentication section, and flesh out the proxy and DAV
sections.



Index: pep-0268.txt
===================================================================
RCS file: /cvsroot/python/python/nondist/peps/pep-0268.txt,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** pep-0268.txt	2001/08/21 08:22:47	1.3
--- pep-0268.txt	2001/08/21 20:20:22	1.4
***************
*** 8,12 ****
  Created: 20-Aug-2001
  Python-Version: 2.2
! Post-History:
  
  
--- 8,12 ----
  Created: 20-Aug-2001
  Python-Version: 2.2
! Post-History: 21-Aug-2001
  
  
***************
*** 63,67 ****
      authentication (for both proxy and origin server
      authentication). This mixin (httpx.HandleAuthentication) can be
!     combined with the HTTPConnection or the HTTPSConnection classes
      (the mixin may possibly work with the HTTP and HTTPS compatibility
      classes, but that is not a requirement).
--- 63,67 ----
      authentication (for both proxy and origin server
      authentication). This mixin (httpx.HandleAuthentication) can be
!     combined with the HTTPConnection and the HTTPSConnection classes
      (the mixin may possibly work with the HTTP and HTTPS compatibility
      classes, but that is not a requirement).
***************
*** 71,82 ****
      authenticators. The use of a separate object allows for a long
      term connection to an authentication system (e.g. LDAP). An
!     authenticator for the Basic mechanism (see RFC 2617) will be
!     provided. Digest would be great, but we need to find some code for
!     it (or a motivated developer). User-supplied authenticator
!     subclasses can be registered and used by the connections.
  
!     A "credentials" object is also associated with the mixin, and
!     stores the credentials (e.g. username and password) needed by the
!     authenticators. Subclasses of the credentials object can be
      created to hold additional information (e.g. NT domain).
  
--- 71,81 ----
      authenticators. The use of a separate object allows for a long
      term connection to an authentication system (e.g. LDAP). An
!     authenticator for the Basic and Digest mechanisms (see RFC 2617)
!     will be provided. User-supplied authenticator subclasses can be
!     registered and used by the connections.
  
!     A "credentials" object (httpx.Credentials) is also associated with
!     the mixin, and stores the credentials (e.g. username and password)
!     needed by the authenticators. Subclasses of Credentials can be
      created to hold additional information (e.g. NT domain).
  
***************
*** 90,94 ****
      authenticator can examine the response headers and decide whether
      and how to resend the request with the correct authentication
!     headers.
  
      Resending a request, with the appropriate credentials, is one of
--- 89,94 ----
      authenticator can examine the response headers and decide whether
      and how to resend the request with the correct authentication
!     headers. If no authenticator can successfully handle the
!     authentication, then an exception is raised.
  
      Resending a request, with the appropriate credentials, is one of
***************
*** 105,128 ****
      information.
  
!     [ what to do when the body is too big: raise an error? special
!     return value? ... ]
  
!     [ need more info here about storing realms/headers in the
!     credentials object (keyed by host, port) ... resending those
!     automatically when making requests ... persisting the credentials
!     object to have the info next time ... ]
  
!     [ two sets of credentials: one for proxy, one for origin ... ]
  
  
  Proxy Handling
  
!     ... info about proxy handling ... note that proxy auth is handled
!     above ...
  
  
  WebDAV Features
  
!     ... info about the dav module ...
  
  
--- 105,179 ----
      information.
  
!     If the body is too large to be stored, then the getresponse()
!     simply returns the response object, indicating the 401 or 407
!     error. Since the authentication information has been computed and
!     cached (into the Credentials object; see below), the caller can
!     simply regenerate the request. The mixin will attach the
!     appropriate credentials.
  
!     A "protection space" (see RFC 2617, section 1.2) is defined as a
!     tuple of the host, port, and authentication realm. When a request
!     is initially sent to an HTTP server, we do not know the
!     authentication realm (the realm is only returned when
!     authentication fails). However, we do have the path from the URL,
!     and that can be useful in determining the credentials to send to
!     the server.  The Basic authentication scheme is typically set up
!     hierarchically: the credentials for /path can be tried for
!     /path/subpath. The Digest authentication scheme has explicit
!     support for the hierarchical setup. The httpx.Credentials object
!     will store credentials for multiple protection spaces, and can be
!     looked up in two differents ways:
  
!     1) looked up using (host, port, path) -- this lookup scheme is
!     used when generating a request for a path where we don't know the
!     authentication realm.
! 
!     2) looked up using (host, port, realm) -- this mechanism is used
!     during the authentication process when the server has specified
!     that the Request-URI resides within a specific realm.
  
+     The mixin will override endheaders() to automatically insert
+     credentials, if available.
+ 
+     It is also important to note that two sets of credentials are
+     important, and stored by the mixin. One set for any proxy that may
+     be used, and one used for the target origin server.
  
+ 
  Proxy Handling
  
!     The httpx module will provide a mixin for using a proxy to perform
!     HTTP(S) operations. This mixin (httpx.UseProxy) can be combined
!     with the HTTPConnection and the HTTPSConnection classes (the mixin
!     may possibly work with the HTTP and HTTPS compatibility classes,
!     but that is not a requirement).
  
+     The mixin will record the (host, port) of the proxy to use. XXX
+     will be overridden to use this host/port combination for
+     connections and to rewrite request URLs into the absoluteURIs
+     referring to the origin server (these URIs are passed to the proxy
+     server).
+ 
+     Proxy authentication is handled by the httpx.HandleAuthentication
+     class since a user may directly use HTTP(S)Connection to speak
+     with proxies.
  
+ 
  WebDAV Features
  
!     The davlib module will provide a mixin for sending WebDAV requests
!     to a WebDAV-enabled server. This mixin (davlib.DAVClient) can be
!     combined with the HTTPConnection and the HTTPSConnection classes
!     (the mixin may possibly work with the HTTP and HTTPS compatibility
!     classes, but that is not a requirement).
! 
!     The mixin provides methods to perform the various HTTP methods
!     defined by HTTP in RFC 2616, and by WebDAV in RFC 2518.
! 
!     A custom response object is used to decode 207 (Multi-Status)
!     responses. The response object will use the standard library's xml
!     package to parse the multistatus XML information, producing a
!     simple structure of objects to hold the multistatus data. Multiple
!     parsing schemes will be tried/used, in order of decreasing speed.