Well Apache handles the HTTP Digest mechanism only if I am using mod_wsgi with a custom backend. Using Paste the Authkit middleware handles that.
What I was hoping for was the ability to use the Authkit middleware (so it links to my database); as well as be able to encompass serving my static files. The only way to do that it seems is to use mod_wsgi and use a custom authentication provider and point it at a custom script that works with Authkit. On Apr 7, 3:38 am, Graham Dumpleton <[email protected]> wrote: > On Apr 7, 10:11 am, Jason Reid <[email protected]> wrote: > > > Nevermind; I should have just did a little more googling. > > > If anyone is interested in this; it seems quite easy usingmod_wsgi > > for Apache. > > > I dont care about the other ones really so no big > > deal.http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms > > Note that Apache is actually handling the HTTP Digest mechanism, the > only thing that is being delegated to Python code is the generation of > the hash for comparison of user details. > > Because that Python code runs embedded in Apache worker process, you > should make it as absolutely minimal as possible if still running > Pylons using Paste behind mod_proxy. > > In other words, don't just go importing all your Pylons/AuthKit > infrastructure as it will only serve to bloat our the Apache worker > process unnecessarily. Writing a custom bit of code which does only > what you need would be the best approach. > > Graham > > > They have a sample for django and I should be able to move that to > > Pylons quite easily. > > > On Apr 6, 8:06 pm, Jason Reid <[email protected]> wrote: > > > > I have not "dived" into Pylons yet; but the question I am curious > > > about is how I would use AuthKit's authentication (digest > > > specifically) too protect static content (I dont mean images; I am > > > server rather large; over 4GB files) and I need them secured. > > > > I was using Django and it had a thing that let mod_python basically > > > interface with its Authentication from apache. > > > > I dont know if AuthKit has that sort of feature; but how would I even > > > configure that as Pylons is running through paste - however static > > > content wouldn't be - or could it be efficiently? > > > > I am wondering if there is away to have AuthKit be my digest mechanism > > > while using Apache2 or lighttpd or nginx (I would love a solution that > > > encompasses all three :D) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
