mod_python and authentication

Rajarshi Guha rajarshi at presidency.com
Fri Sep 20 20:53:07 CEST 2002


Hi,
  when I want to use the Publisher method from mod_python I set up the
directory entry (in http.conf) like so:

    SetHandler python-program
    PythonHandler mod_python.publisher

However, I would like to add authentication. So I add the lines:

    PythonAuthenHandler entry
    AuthType Basic
    AuthName "DANGER!!!"

And then have a file called entry.py which has the function
authenhandler, the username and passwd dialog popup from the browser, but
after it authenticates it says that 

Directory index forbidden by rule: /var/www/secured/todo/

Ideally I would like the authenhandler to serve up  a page (say by using
abc.xyz.com:/form.py/details ).


I have also tried this: before returning apache.OK I simply
write the HTML using req.write(). However then I get the error:

Directory index forbidden by rule: /var/www/secured/todo/

in the logfile. But I also get the page rendered along with the error
message at the bottom of the page.

Is this the right way to do it? Or is this possible using the Publisher
method - if so, what prevents a user from simply typing the url and
bypassing the authentication function?

Thanks,



More information about the Python-list mailing list