At 12:42 PM 1/23/2006 -0500, Clark C. Evans wrote: >In short, I can't think of any generic use-cases for this second >scenerio (where authentication happens *after* a complete re-write >of the environ) that would work with a generic request logging; >and I don't see how a header would help. > >Perhaps I'm missing something?
You simply can't use environ values to communicate *up* the WSGI stack, since at no level is it guaranteed you have the "same" dictionary. Response headers and callables (or mutables) in the environ are the only way to send stuff upstream. You also have to be careful that any upstream communication doesn't bypass something that middleware should be allowed to control. In the case of authentication, it should be sufficient to have a callable or mutable in the environ that can be called or set more than once per request, i.e. it only takes effect once the request is completed. This allows outer middleware to override what inner middleware or the application set it to. _______________________________________________ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
