.htacces

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

.htacces

gert cuykens

does cherrypy.request.login work when you are behind a apache server
and let apache do the user verification with .htacces file ?


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "cherrypy-devel" group.
To post to this group, send email to [hidden email]
To unsubscribe from this group, send email to [hidden email]
For more options, visit this group at http://groups.google.com/group/cherrypy-devel
-~----------~----~----~----~------~----~------~--~---

Reply | Threaded
Open this post in threaded view
|

Re: .htacces

Robert Brewer

gert wrote:
> does cherrypy.request.login work when you are behind a apache server
> and let apache do the user verification with .htacces file ?

That depends on how you have Apache connected to CP. If you're using
_cpmodpy or modpython_gateway, then yes, request.login is set from
req.user. If you're using mod_proxy or mod_rewrite, then the WSGI layer
will set request.login from the LOGON_USER or REMOTE_USER request
header. If you're using some other mechanism, not sure.


Robert Brewer
System Architect
Amor Ministries
[hidden email]

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "cherrypy-devel" group.
To post to this group, send email to [hidden email]
To unsubscribe from this group, send email to [hidden email]
For more options, visit this group at http://groups.google.com/group/cherrypy-devel
-~----------~----~----~----~------~----~------~--~---

Reply | Threaded
Open this post in threaded view
|

Re: .htacces

gert cuykens

On Mar 7, 10:00 pm, "Robert Brewer" <[hidden email]> wrote:

> gert wrote:
> > does cherrypy.request.login work when you are behind a apache server
> > and let apache do the user verification with .htacces file ?
>
> That depends on how you have Apache connected to CP. If you're using
> _cpmodpy or modpython_gateway, then yes, request.login is set from
> req.user. If you're using mod_proxy or mod_rewrite, then the WSGI layer
> will set request.login from the LOGON_USER or REMOTE_USER request
> header. If you're using some other mechanism, not sure.
>

i am using proxy mod here. You know whats funny , and i know you are
not going to believe me first but i swear its true. Suppose you make a
class root: and a class cgi: that is a sub class from root defining it
in de __init__ from root class. In the config you tell cgi to
authenticate. Then you make a html file with some javascript in it
that does a xml http request to cgi.dosomething(). The autheticate
login popups but the you have to wait 1 minute before you can push the
ok button els it doesn't recognize your login and asks to login again.
After you wait for 1 minute everthing works fine.

Try this in 3.0.1

class Root(object):

    def __init__(self):
        self.cgi = Cgi()

    @cherrypy.expose
    def index(self):
        return "some html with a js FF2 xmlhttprequest to cgi"

class Cgi(object):

    @cherrypy.expose
    def post(self,post) :
        return "hello world"

conf = {'/'   :
        {'tools.staticdir.on' : True,
         'tools.staticdir.dir':os.path.join(pwd,"../static")}
        'cgi' :
         {'tools.digest_auth.on': True,
          'tools.digest_auth.realm': 'Cgi Aministrator',
          'tools.digest_auth.users': {'a':'a'}}
        }



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "cherrypy-devel" group.
To post to this group, send email to [hidden email]
To unsubscribe from this group, send email to [hidden email]
For more options, visit this group at http://groups.google.com/group/cherrypy-devel
-~----------~----~----~----~------~----~------~--~---

Reply | Threaded
Open this post in threaded view
|

Re: .htacces

Robert Brewer

gert wrote:

> On Mar 7, 10:00 pm, "Robert Brewer" <[hidden email]> wrote:
> > gert wrote:
> > > does cherrypy.request.login work when you are behind a
> apache server
> > > and let apache do the user verification with .htacces file ?
> >
> > That depends on how you have Apache connected to CP. If you're using
> > _cpmodpy or modpython_gateway, then yes, request.login is set from
> > req.user. If you're using mod_proxy or mod_rewrite, then
> the WSGI layer
> > will set request.login from the LOGON_USER or REMOTE_USER request
> > header. If you're using some other mechanism, not sure.
> >
>
> i am using proxy mod here. You know whats funny , and i know you are
> not going to believe me first but i swear its true. Suppose you make a
> class root: and a class cgi: that is a sub class from root defining it
> in de __init__ from root class. In the config you tell cgi to
> authenticate. Then you make a html file with some javascript in it
> that does a xml http request to cgi.dosomething(). The autheticate
> login popups but the you have to wait 1 minute before you can push the
> ok button els it doesn't recognize your login and asks to login again.
> After you wait for 1 minute everthing works fine.
>
> Try this in 3.0.1
>
> class Root(object):
>
>     def __init__(self):
>         self.cgi = Cgi()
>
>     @cherrypy.expose
>     def index(self):
>         return "some html with a js FF2 xmlhttprequest to cgi"
>
> class Cgi(object):
>
>     @cherrypy.expose
>     def post(self,post) :
>         return "hello world"
>
> conf = {'/'   :
>         {'tools.staticdir.on' : True,
>          'tools.staticdir.dir':os.path.join(pwd,"../static")}
>         'cgi' :
>          {'tools.digest_auth.on': True,
>           'tools.digest_auth.realm': 'Cgi Aministrator',
>           'tools.digest_auth.users': {'a':'a'}}
>         }

You might be running into this issue: http://www.cherrypy.org/ticket/550


Robert Brewer
System Architect
Amor Ministries
[hidden email]

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "cherrypy-devel" group.
To post to this group, send email to [hidden email]
To unsubscribe from this group, send email to [hidden email]
For more options, visit this group at http://groups.google.com/group/cherrypy-devel
-~----------~----~----~----~------~----~------~--~---

Reply | Threaded
Open this post in threaded view
|

Re: .htacces

gert cuykens

> You might be running into this issue:http://www.cherrypy.org/ticket/550

i dont know here is my life example

svn co https://dfo.svn.sourceforge.net/svnroot/dfo/trunk

just run __init__.py in de cgi directory try to login with user="a"
password="a" as many times and as fast as you can. it will not crash
or generated errors, then just wait one minute before pushing the ok
button and somehow it works :)


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "cherrypy-devel" group.
To post to this group, send email to [hidden email]
To unsubscribe from this group, send email to [hidden email]
For more options, visit this group at http://groups.google.com/group/cherrypy-devel
-~----------~----~----~----~------~----~------~--~---