Basic Auth on certain URL
David J.
I have this.
from this page
http://www.web2py.com/book/default/chapter/08#Access-Control-and-Basic-Authentication
@auth.requires_login()
def stream():
auth.settings.allow_basic_login = True (this is set to False in the
book)
return dict()
Thanks.
David.
Massimo Di Pierro
if request.function=='stream':
auth.settings.allow_basic_login = True
On May 23, 10:23 am, "David J." <da...@styleflare.com> wrote:
> I was wondering how I can force basic auth on just one url?
>
> I have this.
>
David J.
my controller is default.py
if request.function == 'stream':
auth.settings.allow_basic_login = True
def stream():
stream = 'http://mystream...'
return dict(stream=stream)
but when I visit
I get the stream url; I would have thought I would have got a Basic
Authentication box.
Perhaps I need to upgrade my version; I am running 1.95.1
Massimo Di Pierro
If you do
if request.function == 'stream':
auth.settings.allow_basic_login = True
you get the usual web2py login page. If username and password are
already in the URL (basic auth)
http://username:pass...@127.0.0.1:8000/..../stream
then you do not get prompted. You never get the popup. That is ugly.
David J.
I tried this again on Trunk version.
pbreit
Auth enables login via basic authentication:
1. | auth.settings.allow_basic_login = False |
David J.
I see; so I have to configure Apache to pop the auth box and then pass
it to my web2py app.
Sorry I mis-understood what was supposed to happen.
I always was under the impression that if you visited a page that used
basic auth; it would force the borwser to pop a box for authentication.
But this concept is different.
This concept lets you pass user:pa...@doamin.com and provides auth based
on those values.
I need to do the former; so I guess I will revert back to Apache.
Thanks.
David J.
Perhaps that should be changed.
However; one thing I got confused was that
web2py handles basic auth via sending 'username:pa...@domain.com'
Which is Fine; But Massimo pointed out something I was trying to do that is not really the way it works.
Currently I have an App running on Tomcat; It uses Basic Auth with Mysql Backend to give access to a streaming server.
While trying to port the App; I wanted when a user visits http://www.mydomain.com/podcast the "Basic Auth" dialog would pop up in the browser.
But this is different than the way the App actually handles the authentication.
What Massimo pointed it out is the handling of Basic Auth in a URL vs calling Auth values from a form.
Any ideas on how to do the former would be appreciated.
Thanks.
Massimo Di Pierro
request.
Another issue is who is responsible for authentication. Web2py or
apache?
I say: always web2py!
Look into: web2py/scripts/access.wsgi
On May 23, 11:06 am, "David J." <da...@styleflare.com> wrote:
> I thought the same;
>
> Perhaps that should be changed.
>
> However; one thing I got confused was that
>
> Which is Fine; But Massimo pointed out something I was trying to do that
> is not really the way it works.
>
> Currently I have an App running on Tomcat; It uses Basic Auth with Mysql
> Backend to give access to a streaming server.
>
>
> But this is different than the way the App actually handles the
> authentication.
>
> What Massimo pointed it out is the handling of Basic Auth in a URL vs
> calling Auth values from a form.
>
> Any ideas on how to do the former would be appreciated.
>
> Thanks.
>
> On 5/23/11 11:45 AM, pbreit wrote:
>
>
>
>
>
>
>
> > The book says:
>