On Mar 28, 9:21 pm, Tim Sawyer <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm following the instructions at
>
> http://www.djangoproject.com/documentation/apache_auth/
>
> I've just noticed a bit at the bottom of that page which says
> -----
> Note that sometimes SetEnv doesn't play well in this mod_python configuration,
> for reasons unknown
Hmmm, hardly reasons unknown.
The Apache module that takes SetEnv values and copies them into the
Apache request record subprocess_env table only runs at the very end
of the Apache fixup phase. This phase is the very last thing before
the content handler phase is triggered. As a consequence, SetEnv
values are not available in earlier phases such as the access,
authentication and authorisation phases.
Thus, as I said, the only way DJANGO_SETTINGS_MODULE could be set in
os.environ as required for an authentication (were SetEnv being used
to cover both authentication and content handler), is that non
authenticated Django page was hit first which meant that os.environ
was setup in advance as a side effect.
> If you're having problems getting mod_python to
> recognize your DJANGO_SETTINGS_MODULE, you can set it using PythonOption
> instead of SetEnv. Therefore, these two Apache directives are equivalent:
>
> SetEnv DJANGO_SETTINGS_MODULE mysite.settings
> PythonOption DJANGO_SETTINGS_MODULE mysite.settings
> ----
The mod_python PythonOption values are available in all phases run in
the context of where the setting was applied and thus it would work.
The SetEnv and PythonOption directives are not equivalent in how they
work though as PythonOption has a separate mod_python specific options
table separate to the SetEnv subprocess_env table. Thus, any
mod_python handler would need to be looking specially in the
mod_python specific table to get the option and wouldn't use the same
mechanism as being used to pickup SetEnv values.
> I've done that and now it's prompting me to login a normal browser dialog box.
> If I use my django login it works - is this expected behaviour or can I stop
> the login box appearing for users that have logged into django auth?
Yes it is expected behaviour. The recipe you are using is for HTTP
Basic Authentication, which makes use of a browser implemented popup
login window. In general you cannot make this disappear.
Graham
> Thanks,
>
> Tim.
>
> On Friday 28 Mar 2008, Graham Dumpleton wrote:
>
> > Variables set with SetEnv aren't available to authentication handlers,
> > only to the content handler. Thus, even if the Django authentication
> > handler is looking for it, it will not find it and thus would not be
> > able to update os.environ variable of same name from it. The only way
> > it could work is if the first page hit was a Django application page
> > which had the side effect of setting os.environ. You probably wouldn't
> > want to rely on that being the case.
>
> > For alternate mechanism for doing all this see mod_wsgi.
>
> > http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms
>
> > Graham
>
> > Tim Sawyer wrote:
> > > Hi,
>
> > > I'm trying to secure /site_media/private and /site_media/pictures so that
> > > only logged in users can see the files in those directories and below.
>
> > > The error I'm getting (sometimes - seems to be a bit inconsistent) is
>
> > > [Fri Mar 28 09:39:06 2008] [error] [client XXX.XXX.XXX.XXX]
> > > PythonAuthenHandler django.contrib.auth.handlers.modpython: ImportError:
> > > Settings cannot be imported, because environment variable
> > > DJANGO_SETTINGS_MODULE is undefined., referer:
> > >http://site/private/pictures/
>
> > > Here's my apache virtual host configuration (site name changed to site).
> > > Have I done anything obviously wrong? The PythonPath entries are
> > > indented correctly in the original.
>
> > > Thanks,
>
> > > Tim
>
> > > <VirtualHost *:80>
> > > ServerAdmin [EMAIL PROTECTED]
> > > ServerNamewww.site
> > > ServerAlias site
>
> > > DocumentRoot /home/tjs/web/site
>
> > > <Directory /home/tjs/web/site>
> > > Options -Indexes FollowSymLinks MultiViews
> > > AllowOverride All
> > > Order allow,deny
> > > allow from all
> > > </Directory>
>
> > > <Directory /home/tjs/web/site/site_media>
> > > allow from all
> > > </Directory>
>
> > > CustomLog /home/tjs/log/site pink
>
> > > <Location "/site_media/pictures">
> > > AuthType Basic
> > > AuthName "site"
> > > Require valid-user
> > > AuthBasicAuthoritative Off
> > > AuthzDefaultAuthoritative Off
> > > AuthzGroupFileAuthoritative Off
> > > AuthzUserAuthoritative Off
>
> > > SetEnv DJANGO_SETTINGS_MODULE site.settings
>
> > > PythonPath
> > > "['/home/tjs/web','/home/tjs/django/sorl-thumbnail-read-only','/home/tjs/
> > >django/django-trunk'] + sys.path"
> > > PythonAuthenHandler
> > > django.contrib.auth.handlers.modpython PythonOption
> > > DjangoRequireStaffStatus Off
> > > PythonOption DjangoPermissionName
> > > members.can_access_private_area
> > > </Location>
>
> > > <Location "/site_media/private">
> > > AuthType Basic
> > > AuthName "site"
> > > Require valid-user
> > > AuthBasicAuthoritative Off
> > > AuthzDefaultAuthoritative Off
> > > AuthzGroupFileAuthoritative Off
> > > AuthzUserAuthoritative Off
>
> > > SetEnv DJANGO_SETTINGS_MODULE site.settings
>
> > > PythonPath
> > > "['/home/tjs/web','/home/tjs/django/sorl-thumbnail-read-only','/home/tjs/
> > >django/django-trunk'] + sys.path"
> > > PythonAuthenHandler
> > > django.contrib.auth.handlers.modpython PythonOption
> > > DjangoRequireStaffStatus Off
> > > PythonOption DjangoPermissionName
> > > members.can_access_private_area
> > > </Location>
>
> > > <Location "/">
> > > SetHandler python-program
> > > PythonHandler django.core.handlers.modpython
> > > SetEnv DJANGO_SETTINGS_MODULE site.settings
> > > PythonDebug Off
>
> > > PythonPath
> > > "['/home/tjs/web','/home/tjs/django/sorl-thumbnail-read-only','/home/tjs/
> > >django/django-trunk'] + sys.path"
> > > </Location>
>
> > > <Location "/media">
> > > SetHandler None
> > > </Location>
>
> > > <Location "/site_media">
> > > SetHandler None
> > > </Location>
>
> > > </VirtualHost>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
