[kforge-dev] Re: access control

Rufus Pollock rufus.pollock at okfn.org
Mon Jan 30 12:52:15 UTC 2006

John Bywater wrote:
> Rufus -
> Would the request 'req' passed into the authenhandler() will contain our 
> session cookie?
> http://scm.kforge.net/svn/kforge/trunk/src/kforge/apache/modpython.py
> Let's look at writing a little mod_python "view" at some point? I'm sure 
> I don't know all the things you learned when you developed that mod 
> python handler. But it would be nice not to have any basic-auth pop-up 
> curiousness, and to eliminate the obvious code repetition....

Good idea John -- I'd been thinking about this just last week. Modpython 
does indeed support cookies_[1] and this would allow give us several 
benefits including:
   1. single sign-on
   2. ability to be logged in even when just visitor is allowed in

The one thing we must remember is we also have to support traditional 
apache auth so that access to e.g. subversion still works when people 
just use a command line client.

Anyway I'll take a look at getting this into trunk this week or next.


[1] See the examples at: 

More information about the kforge-dev mailing list