HTTPS - HTTPPasswordMgrWithDefaultRealm

Max Slimmer max at theslimmers.net
Fri Dec 11 13:59:40 EST 2009 

1) I have an application that accesses a web site via HTTPS using a
certificate. The primary url returns a 302 redirect, urllib2 then goes to
this address and gets a 401, which if the passwordMgr has be setup properly
then connects.

I have been able to determine a set of uri's that if fed to the
passwordMgr.add_password() make things work. The problem is that depending
on where the application is run from the redirect may be to different url's.
I would like to dynamically catch the redirect and then format
add_password() properly to add this uri and the user/password information
rather than having to determine all possible uri's and load passwordMgr at
init time.
If I overload the redirect handler when it gets there I don't have access to
the passwordMgr.  Following is a snipit of the code:

                passwordMgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
            #### Here I am setting passwordMgr up with all known uri's, but
if I get redirected to some other address It no longer works  ####
for uri in ('payex.adp.com','agateway.adp.com','bgateway.adp.com','.adp.com
'):
passwordMgr.add_password(None, uri, usr, pwd)
 basicAuthHndlr = urllib2.HTTPBasicAuthHandler(passwordMgr)
 cookies = cookielib.CookieJar()
cookieHndlr = urllib2.HTTPCookieProcessor(cookies)

self.opener = urllib2.build_opener(MultipartPostHandler,
HTTPSClientAuthHandler(httpDebug),basicAuthHndlr,cookieHndlr,urllib2.HTTPRedirectHandler())

I then call:
               self.opener(request)

2) I have a second problem, for which I have created an ugly workaround,
Namely I need a way to give the HTTPSConnection.__ini__() a reference to the
cert file. The HTTPSClientAuthHandler do_open method takes a ref to the
HTTPSClientAuthConnection not an instance, so I overloaded this class and
get the cert_file via a previously set global ref.  I would like a better
way to feed the cert file.  Here is the code I am using:

class HTTPSClientAuthConnection(httplib.HTTPSConnection):
def __init__(self, host, timeout=socket._GLOBAL_DEFAULT_TIMEOUT):
# nb cert_file is global and set in UrllibPX
httplib.HTTPSConnection.__init__(self, host, cert_file=cert_file)

doseq = 1
class HTTPSClientAuthHandler(urllib2.HTTPSHandler):
 def https_open(self, req):
for tries in range(3):
try:
ret = self.do_open(HTTPSClientAuthConnection, req)
return ret
except URLError:
log = logging.getLogger()
log.warn("problem connecting")
raise


thanks,


-- 
Max Slimmer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20091211/4776dedb/attachment.html>

More information about the Python-list mailing list