Problem with Authkit 0.4.2 and Pylons 0.9.7rc4 on Apache2 and mod_wsgi 2.3
Tomasz Narloch
[...]
class AdministratorController(BaseController):
@authorize(h.auth.is_valid_user)
def index(self):
return render('/admin/index.mako')
def signout(self):
return redirect_to(controller='administrator', action='index')
#end
On development version:
paster serve --reload development.ini
all work good
but when I go to page by apache2 I get error:
...
[Wed Dec 10 05:38:44 2008] [error] [client [...]] mod_wsgi (pid=8169):
Exception occurred processing WSGI script
'/home/.../public_html/pyupo/apache2/pyupo.wsgi'.
[Wed Dec 10 05:38:44 2008] [error] [client 88.199.174.122] TypeError:
sequence of string values expected, value of type literal found
...
The error only exist if I view authorized pages, but when I remove
@authorize then work good,
on development version authorized work good.
.../apache/pyupo.wsgi:
import os, sys
sys.path.append('/home/.../public_html/pyupo')
os.environ['PYTHON_EGG_CACHE'] =
'/home/.../public_html/pyupo/apache2/python-eggs'
from paste.deploy import loadapp
application = loadapp('config:/home/.../public_html/pyupo/deployment.ini')
#end
.../pyupo/config/middleware.py:
def make_app(global_conf, full_stack=True, **app_conf):
# Configure the Pylons environment
load_environment(global_conf, app_conf)
# The Pylons WSGI app
app = PylonsApp()
# CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares)
# Routing/Session/Cache Middleware
app = RoutesMiddleware(app, config['routes.map'])
app = SessionMiddleware(app, config)
app = CacheMiddleware(app, config)
if asbool(full_stack):
# Handle Python exceptions
app = ErrorHandler(app, global_conf, **config['pylons.errorware'])
# Display error documents for 401, 403, 404 status codes (and
# 500 when debug is disabled)
if asbool(config['debug']):
app = StatusCodeRedirect(app)
else:
app = StatusCodeRedirect(app, [400, 401, 403, 404, 500])
# dodane
app = authkit.authenticate.middleware(app, app_conf)
# Establish the Registry for this application
app = RegistryManager(app)
# Static files (If running in production, and Apache or another web
# server is handling this static content, remove the following 3 lines)
static_app = StaticURLParser(config['pylons.paths']['static_files'])
app = Cascade([static_app, app])
# dodane
if not asbool(full_stack):
app = authkit.authenticate.middleware(app, app_conf)
# dodane
#app = GzipMiddleware(app, compresslevel=5)
return app
.../deployment.ini:
[...]
[app:main]
lang = pl
use = egg:pyupo
full_stack = false
cache_dir = %(here)s/data
[...]
authkit.setup.enable = true
authkit.setup.method = form, cookie
authkit.form.authenticate.user.data =
admin:xxx admin editor
authkit.cookie.secret = [secret...]
authkit.cookie.signoutpath = /admin/signout
authkit.cookie.params.expires = 6000
authkit.cookie.includeip = true
authkit.cookie.enforce = true
authkit.form.template.obj = pyupo.lib.auth:render_signin
[...]
.../development.ini is almost the same, difference is only:
full_stack = true,
#set debug = false
Where is the problem?
Could someone help me?
Best Regards,
Tomek
Dalius Dobravolskas
I see several problems.
^^^^
1) Wrong place for middleware. Add it under "# CUSTOM MIDDLEWARE HERE"
line. Much better place. At least immediately after "if
asbool(full_stack):" line.
2) Next problem is that you set full_stack to false in deployment.ini.
Why? Actually it is the biggest problem.
3) You shoud disable debug in deployment.ini. There is no reason to
run application in debug mode under WSGI.
HTH.
As well, you might find my auth&auth middlewares more usable for you
http://trac.sandbox.lt/auth/wiki/AuthFormMiddleware,
http://trac.sandbox.lt/auth/wiki/AuthorizeMiddleware. That's different
from AuthKit a little bit but at least I will be able both answer and
fix your problems if you will have them.
--
Dalius
http://blog.sandbox.lt
Tomasz Narloch
> 2) Next problem is that you set full_stack to false in deployment.ini.
> Why? Actually it is the biggest problem.
>
>
> 3) You shoud disable debug in deployment.ini. There is no reason to
> run application in debug mode under WSGI.
>
>
> HTH.
>
>
Result:
Instead Apache 404 error now I get pylons 404 error on page.
The same error exist in logs.
Error come from mod_wsgi.c:
while ((item = PyIter_Next(iterator))) {
if (!PyString_Check(item)) {
PyErr_Format(PyExc_TypeError, "sequence of string "
"values expected, value of type
%.200s "
"found", item->ob_type->tp_name);
Py_DECREF(item);
break;
}
but I don't understand way.
> As well, you might find my auth&auth middlewares more usable for you
> http://trac.sandbox.lt/auth/wiki/AuthFormMiddleware,
> http://trac.sandbox.lt/auth/wiki/AuthorizeMiddleware.
Maybe I check it.
> That's different
> from AuthKit a little bit but at least I will be able both answer and
> fix your problems if you will have them.
>
>
Thanks,
Best Regards
Tomek
Dalius Dobravolskas
> Result:
> Instead Apache 404 error now I get pylons 404 error on page.
> The same error exist in logs.
OK. Now error is handled by ErrorHandler (Pylons). Much better. Define
email in deployment.ini it will send backtrace to your e-mail on 404
error. While Apache error log should contain backtrace as well now.
Check it.
In older AuthKit's versions some parts returned wrong type and since
mod_wsgi is very strict WSGI implementation it was failing. It looks
we have very similar problem here. I have spend about half a day while
solving that problem. You should find out somehow what produces that
literal value here:
[Wed Dec 10 05:38:44 2008] [error] [client 88.199.174.122] TypeError:
sequence of string values expected, value of type literal found
Regards,
Dalius
http://blog.sandbox.lt
Tomasz Narloch
Maybe I will like it.
That I need.
For users I need only authenticated but for admins I need authorized also.
User can buy some products from shop or go to own panel (customers area panel) but admins do not only (admin area).
Admins -> table admin in database [authkit at now] - I have plan to change this to your auth&auth middleware.
Users -> table user in database [actually I have written my own authenticated function, pure but working, without middleware]
My question:
1. I need download authform-middleware and authorize-middleware or only authorize-middleware?
2. At now I can't use easy_install so where is the best place for this libs? Maybe on pylons .../lib/authorize-middleware/ and .../lib/authform-middleware/ at the moment?
Best Regards,
Tomek
Dalius Dobravolskas
On Wed, Dec 10, 2008 at 10:04 AM, Tomasz Narloch <tom...@wp.pl> wrote:
>
> I check your auth&auth middleware.
>
> Maybe I will like it.
> That I need.
> For users I need only authenticated but for admins I need authorized also.
> User can buy some products from shop or go to own panel (customers area panel) but admins do not only (admin area).
I think you will need authorization sooner or later for users as well.
I think it is better to keep one table for all users (both admin and
regular) and create admin role or group for some users. This way you
will have less problems.
> Admins -> table admin in database [authkit at now] - I have plan to change this to your auth&auth middleware.
> Users -> table user in database [actually I have written my own authenticated function, pure but working, without middleware]
Your own authentication functions are good as well but I don't promise
that it will work with authorize-middleware. Authorize-middleware is
very simple now so you can look into the code to check that.
> My question:
> 1. I need download authform-middleware and authorize-middleware or only authorize-middleware?
If you like how AuthKit authentication works it is enough to use
authorize-middleware. Actually it looks like that AuthKit is not
working for you yet so you will need to download both.
> 2. At now I can't use easy_install so where is the best place for this libs? Maybe on pylons .../lib/authorize-middleware/ and .../lib/authform-middleware/ at the moment?
I just don't hurry with easy_install yet while I know how to do that.
You can place anywhere you want. Even in
/home/tomasz/projects/3rdparty/. All you need to run is:
cd .../authorize-middleware
sudo python setup.py develop
That's the right way to do that. setup.py will place it in proper place.
--
Dalius
http://blog.sandbox.lt
James Gardner
> [Wed Dec 10 05:38:44 2008] [error] [client [...]] mod_wsgi (pid=8169):
> Exception occurred processing WSGI script
> '/home/.../public_html/pyupo/apache2/pyupo.wsgi'.
> [Wed Dec 10 05:38:44 2008] [error] [client 88.199.174.122] TypeError:
> sequence of string values expected, value of type literal found
> ...
server used during development. Something somewhere is returning a
webhelpers.html.literal object when mod_wsgi is expecting an 8-bit
string, most likely it is the template you are using for the sign in.
Try changing the pyupo.lib.auth.render_signin function so that the
value it returns is encoded:
def render_signin(...):
return template.encode('utf-8')
Then it will all work.
HTH,
James
Dalius Dobravolskas
> Try changing the pyupo.lib.auth.render_signin function so that the
> value it returns is encoded:
>
> def render_signin(...):
> return template.encode('utf-8')
>
> Then it will all work.
Pylons (or other WSGI application).
--
Dalius
http://blog.sandbox.lt