YES! This was the solution for me as well. Thanks! On Tuesday, September 17, 2013 at 3:31:14 AM UTC-7, Fredrik wrote: > > It turns out I needed to add this to the Apache config: > *WSGIPassAuthorization > On* > > With the line added everything works well. I couldn't find any > documentation on that in the web2py book and I do not know if it has > something to do with my particular setup and versions. > > Now all decorators works according to documentation and i can use, for > instance "wget -qO- --no-check-certificate --auth-no-challenge > --user=[username] --password=[passeword] > https://my.server.com/api/action.json"; > > On Tuesday, September 17, 2013 11:23:00 AM UTC+2, Michele Comitini wrote: >> >> Fredrik, >> >> You should be able to use http basic authentication on ssl. >> You can also use x509 auth if you want to use client side certificates >> (still using web2py auth_* tables). >> I do not understand what is the exact error on your client. Can you post >> it? >> >> mic >> >> >> >> 2013/9/17 Fredrik <fredrik.z...@gmail.com> >> >>> Hi Larry, >>> >>> thanks for the quick reply. It might have something to do with the >>> certificate. Me calling it a production server is actually not totally >>> correct, it's more of a staging server, and therefore the SSL certificate >>> does not match the domain name. >>> >>> Using basic auth was more of a way to find out what is going wrong. Our >>> goal is to have API authentication based on the auth table in web2py. With >>> basic auth and Apache/WSGI, aren't we restricted to a password-file and >>> therefore a separate user/pass set than in web2py? >>> >>> >>> On Monday, September 16, 2013 6:08:14 PM UTC+2, Larry Weinberg wrote: >>> >>>> I'm doing exactly that and not running into troubles. >>>> Could it be something about your SSL certificate? If it's not a well >>>> trusted certificate sometimes you need to install it on the client side. >>>> Does it match the domain name you are calling? >>>> >>>> I test my server with the following python code and I can use basic >>>> authentication with restful calls: >>>> >>>> import requests >>>> from requests.auth import HTTPBasicAuth >>>> import json >>>> >>>> user = 'myn...@my.com' >>>> passwd = 'mypassword' >>>> url = 'http://mysrver/app/controller/resfullcall.json' >>>> r = requests.get(url, auth=HTTPBasicAuth(user, passwd)) >>>> # print r.text >>>> >>>> # Decode the JSON response and get the access token >>>> decodedDict = json.loads(r.text) >>>> >>>> >>>> -- >>> Resources: >>> - http://web2py.com >>> - http://web2py.com/book (Documentation) >>> - http://github.com/web2py/web2py (Source code) >>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "web2py-users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to web2py+un...@googlegroups.com. >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >> >>
-- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
