My admin controller:

[...]
class AdministratorController(BaseController):

    @authorize(h.auth.is_valid_user)
    def index(self):
        return render('/admin/index.mako')

    def signout(self):
        return redirect_to(controller='administrator', action='index')
#end

On development version:
paster serve --reload development.ini
all work good
but when I go to page by apache2 I get error:
...
[Wed Dec 10 05:38:44 2008] [error] [client [...]] mod_wsgi (pid=8169):
Exception occurred processing WSGI script
'/home/.../public_html/pyupo/apache2/pyupo.wsgi'.
[Wed Dec 10 05:38:44 2008] [error] [client 88.199.174.122] TypeError:
sequence of string values expected, value of type literal found
...

The error only exist if I view authorized pages, but when I remove
@authorize then work good,
on development version authorized work good.

.../apache/pyupo.wsgi:

import os, sys
sys.path.append('/home/.../public_html/pyupo')
os.environ['PYTHON_EGG_CACHE'] =
'/home/.../public_html/pyupo/apache2/python-eggs'

from paste.deploy import loadapp

application = loadapp('config:/home/.../public_html/pyupo/deployment.ini')
#end

.../pyupo/config/middleware.py:

def make_app(global_conf, full_stack=True, **app_conf):
    # Configure the Pylons environment
    load_environment(global_conf, app_conf)

    # The Pylons WSGI app
    app = PylonsApp()

    # CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares)

    # Routing/Session/Cache Middleware
    app = RoutesMiddleware(app, config['routes.map'])
    app = SessionMiddleware(app, config)
    app = CacheMiddleware(app, config)

    if asbool(full_stack):
        # Handle Python exceptions
        app = ErrorHandler(app, global_conf, **config['pylons.errorware'])

        # Display error documents for 401, 403, 404 status codes (and
        # 500 when debug is disabled)
        if asbool(config['debug']):
            app = StatusCodeRedirect(app)
        else:
            app = StatusCodeRedirect(app, [400, 401, 403, 404, 500])

        # dodane
        app = authkit.authenticate.middleware(app, app_conf)

    # Establish the Registry for this application
    app = RegistryManager(app)

    # Static files (If running in production, and Apache or another web
    # server is handling this static content, remove the following 3 lines)
    static_app = StaticURLParser(config['pylons.paths']['static_files'])
    app = Cascade([static_app, app])

    # dodane
    if not asbool(full_stack):
        app = authkit.authenticate.middleware(app, app_conf)

    # dodane
    #app = GzipMiddleware(app, compresslevel=5)
    return app

.../deployment.ini:

[...]
[app:main]
lang = pl
use = egg:pyupo
full_stack = false
cache_dir = %(here)s/data
[...]

authkit.setup.enable = true
authkit.setup.method = form, cookie

authkit.form.authenticate.user.data =
    admin:xxx  admin editor

authkit.cookie.secret = [secret...]
authkit.cookie.signoutpath = /admin/signout
authkit.cookie.params.expires = 6000
authkit.cookie.includeip = true
authkit.cookie.enforce = true
authkit.form.template.obj = pyupo.lib.auth:render_signin
[...]

.../development.ini is almost the same, difference is only:
full_stack = true,
#set debug = false

Where is the problem?
Could someone help me?

Best Regards,
Tomek

Hello, Tomasz,

I see several problems.

^^^^
1) Wrong place for middleware. Add it under "# CUSTOM MIDDLEWARE HERE"
line. Much better place. At least immediately after "if
asbool(full_stack):" line.

2) Next problem is that you set full_stack to false in deployment.ini.
Why? Actually it is the biggest problem.

3) You shoud disable debug in deployment.ini. There is no reason to
run application in debug mode under WSGI.

HTH.

As well, you might find my auth&auth middlewares more usable for you
http://trac.sandbox.lt/auth/wiki/AuthFormMiddleware,
http://trac.sandbox.lt/auth/wiki/AuthorizeMiddleware. That's different
from AuthKit a little bit but at least I will be able both answer and
fix your problems if you will have them.

--
Dalius
http://blog.sandbox.lt

Dalius Dobravolskas pisze:

It's done. I place it after  "# CUSTOM MIDDLEWARE HERE"
It's misunderstanding, I have had set debug = false on deployment.ini
Result:
Instead Apache 404 error now I get pylons 404 error on page.
The same error exist in logs.

Error come from mod_wsgi.c:

                while ((item = PyIter_Next(iterator))) {
                    if (!PyString_Check(item)) {
                        PyErr_Format(PyExc_TypeError, "sequence of string "
                                     "values expected, value of type
%.200s "
                                     "found", item->ob_type->tp_name);
                        Py_DECREF(item);
                        break;
                    }

but I don't understand way.

Thanks,

Best Regards
Tomek

Hello, again,

OK. Now error is handled by ErrorHandler (Pylons). Much better. Define
email in deployment.ini it will send backtrace to your e-mail on 404
error. While Apache error log should contain backtrace as well now.
Check it.

In older AuthKit's versions some parts returned wrong type and since
mod_wsgi is very strict WSGI implementation it was failing. It looks
we have very similar problem here. I have spend about half a day while
solving that problem. You should find out somehow what produces that
literal value here:

[Wed Dec 10 05:38:44 2008] [error] [client 88.199.174.122] TypeError:
sequence of string values expected, value of type literal found

Regards,
Dalius
http://blog.sandbox.lt

I check your auth&auth middleware.

Maybe I will like it.
That I need.
For users I need only authenticated but for admins I need authorized also.
User can buy some products from shop or go to own panel (customers area panel) but admins do not only (admin area).

Admins -> table admin in database [authkit at now] - I have plan to change this to your auth&auth middleware.
Users -> table user in database [actually I have written my own authenticated function, pure but working, without middleware]

My question:
1. I need download authform-middleware and authorize-middleware or only authorize-middleware?
2. At now I can't use easy_install so where is the best place for this libs? Maybe on pylons .../lib/authorize-middleware/ and .../lib/authform-middleware/ at the moment?

Best Regards,
Tomek

Hello, Tomasz,

I think you will need authorization sooner or later for users as well.
I think it is better to keep one table for all users (both admin and
regular) and create admin role or group for some users. This way you
will have less problems.

Your own authentication functions are good as well but I don't promise
that it will work with authorize-middleware. Authorize-middleware is
very simple now so you can look into the code to check that.

If you like how AuthKit authentication works it is enough to use
authorize-middleware. Actually it looks like that AuthKit is not
working for you yet so you will need to download both.

I just don't hurry with easy_install yet while I know how to do that.
You can place anywhere you want. Even in
/home/tomasz/projects/3rdparty/. All you need to run is:
cd .../authorize-middleware
sudo python setup.py develop

That's the right way to do that. setup.py will place it in proper place.

--
Dalius
http://blog.sandbox.lt

Hi Tomasz,

mod_wsgi is much stricter about return types than the Paste HTTP
server used during development. Something somewhere is returning a
webhelpers.html.literal object when mod_wsgi is expecting an 8-bit
string, most likely it is the template you are using for the sign in.
Try changing the pyupo.lib.auth.render_signin function so that the
value it returns is encoded:

def render_signin(...):
     return template.encode('utf-8')

Then it will all work.

HTH,

James

On Wed, Dec 10, 2008 at 6:53 PM, James Gardner
Looks like yet another good reason to leave login dialog drawing to
Pylons (or other WSGI application).

--
Dalius
http://blog.sandbox.lt