Hello! I'm developing a web based application using the Django framework.
One of the requirements for my software state that the program must, whenever possible, automatically "deal" with users that had been previously authenticated via http capabilities. It does not mean it should always log them in - it just must be aware of the fact that the user had previously proven its identity. So I've searched a bit. I came across couple of sites, most notably the: http://code.djangoproject.com/ticket/689 It describes a way to deal with http authentication by the means of middleware. But there's a glitch... Adrian, on "02/28/06 22:19:22", changed the status of that ticket to closed, stating this particular approach was superseded by the multiauth branch. Since I want to follow the development of the framework I tried to apply the "new model" to my problem... without any luck. At the very last I ended up with a backend, that had its authenticate() method similar to: def authenticate(self): return User.objects.get(id=1) So, at least in theory, it should always return a user. It did in fact, but the login process still required that the user submitted a form - which is redundant in case of the http authentication. So my question is the following :) Does the new "Multiple Auth Backend" model really make the "middleware approach" for the http authentication obsolete? If it is obsolete - could you please point me (rtfm/rtfc will do) to the solution that uses the multi auth model? The only requirement is that the user must input its credentials only once - and it must be the http login form, provided by the web browser. Just for the record - one of the arguments against implementing http authentication in Django, that was presented on http://www.djangoproject.com/weblog/2005/oct/24/http/, was that it is impossible to logout a user. Since it is not quite true (see a comment that I made here - http://code.djangoproject.com/ticket/689#change_10) don't you think that having a http authentication capabilities in django would be a plus? Best regards, Pawel Sawicki --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
