On Sep 19, 10:18 pm, Graham Dumpleton <[EMAIL PROTECTED]>
wrote:
> > OK my code looks like the standard django/contrib/auth/modpython.py the
> > patch is
>
> > ***************
> > *** 39,44 ****
> > --- 38,54 ----
>
> > # check the password and any permission given
> > if user.check_password(req.get_basic_auth_pw()):
> > + G = [] #find required groups
> > + S = filter(None,map(str.split,map(str.strip,req.requires())))
> > + map(G.extend,[filter(None,s[1:])
> > + for s in S if s[0].lower()=='group'])
> > + for g in user.groups.all():
> > + if g.name in G:
> > + G.remove(g.name)
> > +
> > + if G: #fail if required groups remain
> > + return apache.HTTP_UNAUTHORIZED
> > +
> > if permission_name:
> > if user.has_perm(permission_name):
> > return apache.OK
>
> > we're using this kind of phrase in our 2.0 apache configs
>
> > AuthType basic
> > AuthName "djauth test"
> > Require valid-user
> > Require group rptlab
> > #AuthUserFile /home/rptlab/etc/passwd
> > #AuthGroupFile /home/rptlab/etc/groups
> > PythonInterpreter djauth
> > PythonAuthenHandler djauth.modpython
>
> > I'm guessing that AuthBasicProvider (in your examples) is new in Apache 2.2
> > and
> > makes things easier for this.
>
> Correct.
>
> > In 2.0 there seems no way to provide another
> > authorizer without writing an apache module.
>
> Correct.
Whoops. Not strictly true. You can write one with mod_python by
implementing a authzhandler(). You just need to know what you are
doing. ;-)
Graham
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---