Steven Armstrong wrote:
>........
> You could then pass the groups, or whatever else you need, to the
> handler using PythonOption directives.
>
> e.g.
>
> AuthType basic
> AuthName "djauth test"
> Require valid-user
> SetEnv DJANGO_SETTINGS_MODULE djauth.settings
> PythonOption DjangoGroups XXX group2 group3
> PythonAuthenHandler path.to.my.auth.handler
......
well I hacked contrib/auth/handlers/modpython.py and now have group checking
with this code
# check the password and any permission given
if user.check_password(req.get_basic_auth_pw()):
G = [] #find required groups
S = filter(None,map(str.split,map(str.strip,req.requires())))
map(G.extend,[filter(None,s[1:])
for s in S if s[0].lower()=='group'])
for g in user.groups.all():
if g.name in G:
G.remove(g.name)
if G: #fail if some required groups remain
return apache.HTTP_UNAUTHORIZED
if permission_name:
if user.has_perm(permission_name):
return apache.OK
else:
return apache.HTTP_UNAUTHORIZED
else:
return apache.OK
else:
return apache.HTTP_UNAUTHORIZED
--
Robin Becker
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
