传递的Apache2摘要认证信息通过mod_wsgi的


7

运行WSGI脚本,我已经得到了指令

<VirtualHost *> 
    <Location /> 
     AuthType Digest 
     AuthName "global" 
     AuthDigestDomain/
     AuthUserFile /root/apache_users 
     <Limit GET> 
      Require valid-user 
     </Limit> 
    </Location> 
    WSGIScriptAlias//some/script.wsgi 
    WSGIDaemonProcess mywsgi user=someuser group=somegroup processes=2 threads=25 
    WSGIProcessGroup mywsgi 
    ServerName some.example.org 
</VirtualHost> 

我想在/some/script.wsgi知道

def application(environ, start_response): 
    start_response('200 OK', [ 
     ('Content-Type', 'text/plain'), 
    ]) 
    return ['Hello'] 

什么用户已登录。

我该怎么做?在mod_wsgi documentation

def application(environ, start_response): 
    start_response('200 OK', [ 
     ('Content-Type', 'text/plain'), 
    ]) 
    return ['Hello %s' % environ['REMOTE_USER']] 

的更多信息:

14

添加WSGIPassAuthorization On

<VirtualHost *> 
    <Location /> 
     AuthType Digest 
     AuthName "global" 
     AuthDigestDomain/
     AuthUserFile /root/apache_users 
     <Limit GET> 
      Require valid-user 
     </Limit> 
    </Location> 
    WSGIPassAuthorization On 
    WSGIScriptAlias//some/script.wsgi 
    WSGIDaemonProcess mywsgi user=someuser group=somegroup processes=2 threads=25 
    WSGIProcessGroup mywsgi 
    ServerName some.example.org 
</VirtualHost> 

然后,只需阅读environ['REMOTE_USER']

  0

非常感谢。 06 7月. 162016-07-06 16:02:20


2

关于Apache/mod_wsgi的和访问,认证和授权机制的更多信息可参见:

http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms

的信息默认情况下不通过,因为这样做会泄露密码信息的应用,这可能不应该得到它。