diango app, mod_python, and httpd

— filed under: httpd, mod_python, django

How Django application could work with mod_python in a httpd server.

we need leverage on mod_python's AuthenHandler to implement a authentication provider for HTTPD server. It will be used to providing authentication service on Proxy for the backend Plone site.

mod_python PythonAuthenHandler Implementation Based-on Session

The basic ideas, on session management on Database.

set SESSION_COOKIE_AGE=1800, which is 30 minutes session time out!
method authenhandler will get cookie value for SESSION_COOKIE_NAME (default is sessionid) from request!
check the Sessions database to make sure the session is exist and valid:

django.contrib.sessions.models.Session
expire_date should not be the future from now.

update the expire_date based on current date time, so user will keep get 30 minutes time out if they are keep working on this site.
set up corn job to run the session clean up script at daily base!
$ python manage.py cleanup
introduced 2 Django settings attributes to set up the Plone authentication URL and the cookie name used by Plone session:
- PLONEPROXY_AUTHEN_URL = 'http://local.host.name/Plone/login_form'
- PLONEPROXY_COOKIE_NAME = '__ac'

How to debug mod_python program?

The directive PythonEnablePdb is designed for debuging mod_python program. It has to use with HTTPD's -DONE_PROCESS option together. Check the following link for more details:

http://www.modpython.org/live/current/doc-html/dir-other-epd.html

Using the default Django AuthenHandler

The following example is try to show how to use the default PythonAuthenHandler form Django to implement basic authentication for a proxy location.

ProxyRequests Off
ProxyPreserveHost On

<Proxy *>
 Order deny,allow
 Allow from all
</Proxy>

<Location /external/site>
    ProxyPass http://internal.host.name/external/site

    AuthType Basic
    AuthName "External Proxy"
    AuthUserFile /dev/null
    AuthBasicAuthoritative Off
    Require valid-user

    PythonAuthenHandler django.contrib.auth.handlers.modpython
    PythonOption DJANGO_SETTINGS_MODULE leocornus.django.ploneproxy.settings
    PythonDebug On
</Location>

References

How to use Django with Apache and mod_python: http://docs.djangoproject.com/en/dev/howto/deployment/modpython/
Authenticating against Django's user dtabase from Apache: http://docs.djangoproject.com/en/dev/howto/apache-auth/

Tracking History

When	Who	What Done
2010-05-17 06:24	Sean Chen	the full workable prototype is ready now. revision r407 -- 2.0 Hours, 100.0% Done
2010-05-14 07:24	Sean Chen	provide another implementation for PythonAuthenHanlder to use a customized authentication backend to do Plone user authentication. revision: r401 -- 2.0 Hours, 100.0% Done
2010-05-10 12:10	Sean Chen	finished the simple and workable authentication handler based on Django Session, check in at revision: r400. story can be complete! -- 1.0 Hours, 100.0% Done
2010-05-10 11:24	Sean Chen	created a simple PythonAuthenHandler based on Django's default Session management! revision: r399, expire_date hasn't got updated yet! -- 2.0 Hours, 80.0% Done

Sections

Personal tools