mod_python and authentication

Rajarshi Guha rajarshi at
Fri Sep 20 14:53:07 EDT 2002

  when I want to use the Publisher method from mod_python I set up the
directory entry (in http.conf) like so:

    SetHandler python-program
    PythonHandler mod_python.publisher

However, I would like to add authentication. So I add the lines:

    PythonAuthenHandler entry
    AuthType Basic
    AuthName "DANGER!!!"

And then have a file called which has the function
authenhandler, the username and passwd dialog popup from the browser, but
after it authenticates it says that 

Directory index forbidden by rule: /var/www/secured/todo/

Ideally I would like the authenhandler to serve up  a page (say by using ).

I have also tried this: before returning apache.OK I simply
write the HTML using req.write(). However then I get the error:

Directory index forbidden by rule: /var/www/secured/todo/

in the logfile. But I also get the page rendered along with the error
message at the bottom of the page.

Is this the right way to do it? Or is this possible using the Publisher
method - if so, what prevents a user from simply typing the url and
bypassing the authentication function?


More information about the Python-list mailing list