[Web-SIG] Communicating authenticated user information
Michal Wallace
michal at sabren.com
Wed Jan 25 06:41:01 CET 2006
On Tue, 24 Jan 2006, Clark C. Evans wrote:
> On Mon, Jan 23, 2006 at 02:25:35PM -0500, Phillip J. Eby wrote:
> | You simply can't use environ values to communicate *up*
> | the WSGI stack, since at no level is it guaranteed you
> | have the "same" dictionary. Response headers and
> | callables (or mutables) in the environ are the only way to
> | send stuff upstream. You also have to be careful that any
> | upstream communication doesn't bypass something that
> | middleware should be allowed to control.
> So, I reject this approach, and I suggested that the same ``environ``
> object should be passed all the way down the WSGI stack.
Unfortunately, if you require it to be the exact same
*object* then you're making the requirement that
everything in the stack happens in the same process,
on the same machine.
That means you can't distribute the magic over xml-rpc or SOAP
or some other protocol, and you might want to do that if you're
using a load balancing feature or want part of the system
to run as a different user.
I suppose you could pass *copies* around, either of
the whole dictionary or just certain values... (maybe?)
Sincerely,
Michal J Wallace
Sabren Enterprises, Inc.
-------------------------------------
contact: michal at sabren.com
hosting: http://www.cornerhost.com/
my site: http://www.withoutane.com/
-------------------------------------
More information about the Web-SIG
mailing list