upgrade to 3.0 - httpauth usage
Kevin Coyner
I've just upgraded to 3.0 from 2.1 and have most things working but
I don't have httpauth working yet, although i did have it working
under 2.1.
I've got a page in a pastebin and would appreciate a quick review by
anyone who has this working in 3.0 pastebin is at:
Thanks,
Kevin
--
Kevin Coyner GnuPG key: 1024D/8CE11941
Sylvain Hellegouarch
>
>
>
> I've just upgraded to 3.0 from 2.1 and have most things working but
> I don't have httpauth working yet, although i did have it working
> under 2.1.
>
> I've got a page in a pastebin and would appreciate a quick review by
> anyone who has this working in 3.0 pastebin is at:
>
> http://paste.debian.net/20114
>
> Thanks,
> Kevin
>
Try renaming 'conf' with '_cp_config' as the class attribute.
- Sylvain
Kevin Coyner
On Mon, Jan 15, 2007 at 03:31:01PM +0000, Sylvain Hellegouarch wrote......
> >I've just upgraded to 3.0 from 2.1 and have most things working
> >but I don't have httpauth working yet, although i did have it
> >working under 2.1.
> >
> >I've got a page in a pastebin and would appreciate a quick review
> >by anyone who has this working in 3.0 pastebin is at:
> >
> > http://paste.debian.net/20114
>
> Try renaming 'conf' with '_cp_config' as the class attribute.
I've changed it as suggested, but still no basic challenge but no
errors thrown either.
_cp_config = {'/members': {'tools.basic_auth.on': True,
'tools.basic_auth.realm': 'localhost',
'tools.basic_auth.users': {'test': md5.new('test').hexdigest()}}}
Where I presently have '/members' ... this is the directory I'm
protecting, correct? And should this be the full path or just the
directory name relative to the root of the site?
Thanks, Kevin
The complete, updated paste is at:
Sylvain Hellegouarch
>
>
>
> On Mon, Jan 15, 2007 at 03:31:01PM +0000, Sylvain Hellegouarch wrote......
>
>> >I've just upgraded to 3.0 from 2.1 and have most things working
>> >but I don't have httpauth working yet, although i did have it
>> >working under 2.1.
>> >
>> >I've got a page in a pastebin and would appreciate a quick review
>> >by anyone who has this working in 3.0 pastebin is at:
>> >
>> > http://paste.debian.net/20114
>>
>> Try renaming 'conf' with '_cp_config' as the class attribute.
>
>
> I've changed it as suggested, but still no basic challenge but no
> errors thrown either.
>
> _cp_config = {'/members': {'tools.basic_auth.on': True,
> 'tools.basic_auth.realm': 'localhost',
> 'tools.basic_auth.users': {'test': md5.new('test').hexdigest()}}}
>
> Where I presently have '/members' ... this is the directory I'm
> protecting, correct? And should this be the full path or just the
> directory name relative to the root of the site?
>
> Thanks, Kevin
My bad, try this:
_cp_config = {'tools.basic_auth.on': True,
'tools.basic_auth.realm': 'localhost',
'tools.basic_auth.users': {'test': md5.new('test').hexdigest()}}
When you use the _cp_config attribute you don't need the path since you
already attach the attribute at the correct level.
- Sylvain
Kevin Coyner
On Mon, Jan 15, 2007 at 04:54:44PM +0000, Sylvain Hellegouarch wrote......
> <snip> try this:
>
>
> _cp_config = {'tools.basic_auth.on': True,
> 'tools.basic_auth.realm': 'localhost',
> 'tools.basic_auth.users': {'test': md5.new('test').hexdigest()}}
>
> When you use the _cp_config attribute you don't need the path
> since you already attach the attribute at the correct level.
That did the trick. Thanks!
If I may indulge on your patience for one more question:
Under 2.1, I had:
_cpFilterList = [ HttpAuthFilter(cppasswordPath='../cppassword',
realm='localhost',
privateKey='krusty',
unauthorizedPath='/members/unauthorized/'
) ]
and:
def unauthorized(self, *args, **kwargs):
return "<h1>You are not authorized to access this content.</h1>"
unauthorized.exposed = True
Under 3.0, when someone attempts to log in and fails, how do I bring
up a pretty unauthorized page without all of the python/cp language
that I presently get?
Thanks again.
Once I get this all done, I'll post a summary for others.
Kevin
Sylvain Hellegouarch
> If I may indulge on your patience for one more question:
>
> Under 2.1, I had:
>
> _cpFilterList = [ HttpAuthFilter(cppasswordPath='../cppassword',
> realm='localhost',
> privateKey='krusty',
> unauthorizedPath='/members/unauthorized/'
> ) ]
>
> and:
>
> def unauthorized(self, *args, **kwargs):
> return "<h1>You are not authorized to access this content.</h1>"
> unauthorized.exposed = True
>
>
> Under 3.0, when someone attempts to log in and fails, how do I bring
> up a pretty unauthorized page without all of the python/cp language
> that I presently get?
>
> Thanks again.
>
> Once I get this all done, I'll post a summary for others.
>
> Kevin
>
>
Here you go with a complete example:
import cherrypy
import md5
import os.path
class Root:
_cp_config = {'tools.basic_auth.on': True,
'tools.basic_auth.realm': 'localhost',
'tools.basic_auth.users': {'test':
md5.new('test').hexdigest()}}
@cherrypy.expose
def index(self):
return "hey"
if __name__ == '__main__':
cur_dir = os.path.dirname(os.path.abspath(__file__))
cherrypy.config.update({'error_page.401': os.path.join(cur_dir,
'error401.html')})
cherrypy.quickstart(Root())
Then error401.html:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Unauthorized</title>
</head>
<body>
You know I wish I could let you in but my boss said no...
</body>
</html>
It should do what you want ;)