471,091 Members | 1,450 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,091 software developers and data experts.

mod_python, multiple calls to PythonAuthenHandler


I've posted this question on the mod_python mailing list but didn't get
much response, so I thought I'd post it here.

(My first attempt connected to an unrelated thread..sorry.
Note-to-self:-must-get-more-coffee-before-posting-)

It seems to me that for each path element in a URI a mod_python handler
will be invoked. This applies to PythonAuthenHandler,
PythonHeaderParserHandler and so on.

Since I'm making a database request in my PythonAuthenHandler, this
quickly becomes a problem.

Example:
http://lucene.moonspawn.scanmine.com/ =>
AuthenHandler::authenhandler called: 1
index got called once

http://lucene.moonspawn.scanmine.com...dler.py/search =>
AuthenHandler::authenhandler called: 1
AuthenHandler::authenhandler called: 2
/search got called once

http://lucene.moonspawn.scanmine.com/search.html => (using mod_rewrite)
AuthenHandler::authenhandler called: 1
AuthenHandler::authenhandler called: 2
AuthenHandler::authenhandler called: 3
/search got called once

I get the same behavior on three separate installations

So, either I've got a miss-configuration which results in multiple calls
to handlers or.., this is expected behavior, and there is a technique to
avoid this or..., this is expected and, for reasons that escapes me,
desired behavior.

I'd greatly appreciate any help and suggestion

regards

/rune
Jul 18 '05 #1
3 2048
Rune Hansen wrote:
I've posted this question on the mod_python mailing list but didn't get
much response, so I thought I'd post it here.

(My first attempt connected to an unrelated thread..sorry.
Note-to-self:-must-get-more-coffee-before-posting-)

It seems to me that for each path element in a URI a mod_python handler
will be invoked. This applies to PythonAuthenHandler,
PythonHeaderParserHandler and so on.

Since I'm making a database request in my PythonAuthenHandler, this
quickly becomes a problem.

Example:
http://lucene.moonspawn.scanmine.com/ =>
AuthenHandler::authenhandler called: 1
index got called once

http://lucene.moonspawn.scanmine.com...dler.py/search =>
AuthenHandler::authenhandler called: 1
AuthenHandler::authenhandler called: 2
/search got called once

http://lucene.moonspawn.scanmine.com/search.html => (using mod_rewrite)
AuthenHandler::authenhandler called: 1
AuthenHandler::authenhandler called: 2
AuthenHandler::authenhandler called: 3
/search got called once

I get the same behavior on three separate installations

So, either I've got a miss-configuration which results in multiple calls
to handlers or.., this is expected behavior, and there is a technique to
avoid this or..., this is expected and, for reasons that escapes me,
desired behavior.

I'd greatly appreciate any help and suggestion

regards

/rune


Well, the thing that's missing here is the code of your AuthenHandler
(or some detail about which standard component you think is being used).
Is it possible you are making internal redirects, for example?

The information about using mod_rewrite does imply you are spending time
on authentication rather more frequently than you strictly need to, but
it's difficult to figure out from just the information given.

regards
Steve
--
http://www.holdenweb.com
http://pydish.holdenweb.com
Holden Web LLC +1 800 494 3119
Jul 18 '05 #2
On Mon, 08 Nov 2004 08:18:45 -0500, Steve Holden wrote:
Rune Hansen wrote:
I've posted this question on the mod_python mailing list but didn't get
much response, so I thought I'd post it here.

(My first attempt connected to an unrelated thread..sorry.
Note-to-self:-must-get-more-coffee-before-posting-)

It seems to me that for each path element in a URI a mod_python handler
will be invoked. This applies to PythonAuthenHandler,
PythonHeaderParserHandler and so on.

Since I'm making a database request in my PythonAuthenHandler, this
quickly becomes a problem.

Example:
http://lucene.moonspawn.scanmine.com/ =>
AuthenHandler::authenhandler called: 1
index got called once

http://lucene.moonspawn.scanmine.com...dler.py/search =>
AuthenHandler::authenhandler called: 1
AuthenHandler::authenhandler called: 2
/search got called once

http://lucene.moonspawn.scanmine.com/search.html => (using mod_rewrite)
AuthenHandler::authenhandler called: 1
AuthenHandler::authenhandler called: 2
AuthenHandler::authenhandler called: 3
/search got called once

I get the same behavior on three separate installations

So, either I've got a miss-configuration which results in multiple calls
to handlers or.., this is expected behavior, and there is a technique to
avoid this or..., this is expected and, for reasons that escapes me,
desired behavior.

I'd greatly appreciate any help and suggestion

regards

/rune


Well, the thing that's missing here is the code of your AuthenHandler
(or some detail about which standard component you think is being used).
Is it possible you are making internal redirects, for example?

The information about using mod_rewrite does imply you are spending time
on authentication rather more frequently than you strictly need to, but
it's difficult to figure out from just the information given.

regards
Steve


Hi Steve,
The configuration and "files" shown below results in the "Example" of my
orignal post.

httpd.conf:
"""
<VirtualHost *:80>
ServerName lucene.moonspawn.scanmine.com
ServerAdmin ru*********@scanmine.com
DocumentRoot /Users/roderik/Sites/Lucene
ErrorLog logs/lucene_error.log
CustomLog logs/lucene_access.log common
</VirtualHost>
<Directory "/Users/roderik/Sites/Lucene">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
RewriteEngine On
RewriteBase /
RewriteRule search.html "SearchHandler.py/search"
AddHandler mod_python .py
DirectoryIndex SearchHandler.py
PythonHandler mod_python.publisher
PythonAuthenHandler AuthenHandler
AuthType Basic
AuthName "Restricted Area"
require valid-user
PythonPath "sys.path+['/Users/roderik/Sites/Lucene']"
PythonDebug On
</Directory>
"""

AuthenHandler.py
"""
from mod_python import apache

count=0

def authenhandler(req,**args):
global count

count +=1
req.write("AuthenHandler::authenhandler called: "+str(count)+"\n")

pw = req.get_basic_auth_pw()
user = req.user

if user == "mrX" and pw == "1234":
return apache.OK
else:
return apache.HTTP_UNAUTHORIZED
"""

SearchHandler.py
"""
from mod_python import apache

def index(req,**args):
req.content_type = "text/html"
req.write("<html><head><title>Search Index Page</title><head><body>## 'index' got called once</body></html>")

def search(req,**args):
req.content_type = "text/html"
req.write("<html><head><title>Search /search Page</title><head><body>## '/search' got called once</body></html>")
"""

Now, I've "solved it" with a single PythonHandler (dropping
PythonAuthenHandler and publisher):

def handler(req):
if not req.headers_in.get("Authorization",0):
req.err_headers_out["WWW-Authenticate"] = 'Basic realm="Restricted\
area"'
raise apache.SERVER_RETURN, apache.HTTP_UNAUTHORIZED
meth,auth = req.headers_in.get("Authorization").split(" ")
user,pw = decodestring(auth).split(":")
args = dict([(a[0],a[1]) for a in util.parse_qsl(req.args or '')])
if dbmdbValidate(user,pw,req.server):
return myMethod(req,**args)
else:
return apache.HTTP_UNAUTHORIZED

This seems to do exactly what I want. Guess I should have tried a litle
harder before posting.
How ever, I'm still curious to why the PythonAuthenHandler is called for
each path element.

regards
/rune
Jul 18 '05 #3
Rune Hansen wrote:
On Mon, 08 Nov 2004 08:18:45 -0500, Steve Holden wrote:

Rune Hansen wrote:

I've posted this question on the mod_python mailing list but didn't get
much response, so I thought I'd post it here.
[...]
Now, I've "solved it" with a single PythonHandler (dropping
PythonAuthenHandler and publisher):

def handler(req):
if not req.headers_in.get("Authorization",0):
req.err_headers_out["WWW-Authenticate"] = 'Basic realm="Restricted\
area"'
raise apache.SERVER_RETURN, apache.HTTP_UNAUTHORIZED
meth,auth = req.headers_in.get("Authorization").split(" ")
user,pw = decodestring(auth).split(":")
args = dict([(a[0],a[1]) for a in util.parse_qsl(req.args or '')])
if dbmdbValidate(user,pw,req.server):
return myMethod(req,**args)
else:
return apache.HTTP_UNAUTHORIZED

This seems to do exactly what I want. Guess I should have tried a litle
harder before posting.
How ever, I'm still curious to why the PythonAuthenHandler is called for
each path element.


I'm afraid that's a little beyond me too, but I think you were quite
within your rights to post the question. Glad you've got past the problem.

Since you're using the publisher handler you might want to consider
using the methods described in
http://www.modpython.org/live/curren...-alg-auth.html if
you haven't already looked at them.

regards
Steve
--
http://www.holdenweb.com
http://pydish.holdenweb.com
Holden Web LLC +1 800 494 3119
Jul 18 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Ravi | last post: by
5 posts views Thread by Peter Clark | last post: by
6 posts views Thread by Anthony L. | last post: by
3 posts views Thread by mneagul | last post: by
5 posts views Thread by m.banaouas | last post: by
1 post views Thread by blbmdsmith | last post: by
3 posts views Thread by Lawrence D'Oliveiro | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.