You are viewing a plain text version of this content. The canonical link for it is here.
Posted to mod_python-commits@quetz.apache.org by gr...@apache.org on 2006/03/10 11:20:09 UTC
svn commit: r384754 - in /httpd/mod_python/trunk: Doc/appendixc.tex
lib/python/mod_python/publisher.py test/htdocs/tests.py test/test.py
Author: grahamd
Date: Fri Mar 10 02:20:06 2006
New Revision: 384754
URL: http://svn.apache.org/viewcvs?rev=384754&view=rev
Log:
Fixed mod_python.publisher so it will not return a HTTP Bad Request
response when mod_auth is being used to provide Digest authentication.
(MODPYTHON-47)
Modified:
httpd/mod_python/trunk/Doc/appendixc.tex
httpd/mod_python/trunk/lib/python/mod_python/publisher.py
httpd/mod_python/trunk/test/htdocs/tests.py
httpd/mod_python/trunk/test/test.py
Modified: httpd/mod_python/trunk/Doc/appendixc.tex
URL: http://svn.apache.org/viewcvs/httpd/mod_python/trunk/Doc/appendixc.tex?rev=384754&r1=384753&r2=384754&view=diff
==============================================================================
--- httpd/mod_python/trunk/Doc/appendixc.tex (original)
+++ httpd/mod_python/trunk/Doc/appendixc.tex Fri Mar 10 02:20:06 2006
@@ -117,6 +117,10 @@
(\citetitle[http://issues.apache.org/jira/browse/MODPYTHON-76]{MODPYTHON-76})
The \code{FilterDispatch} callback should not flush the filter if it
has already been closed.
+ \item
+ (\citetitle[http://issues.apache.org/jira/browse/MODPYTHON-47]{MODPYTHON-47})
+ Fixed mod_python.publisher so it will not return a HTTP Bad Request
+ response when mod_auth is being used to provide Digest authentication.
\end{itemize}
\chapter{Changes from Version (3.2.7)\label{app-changes-from-3.2.7}}
Modified: httpd/mod_python/trunk/lib/python/mod_python/publisher.py
URL: http://svn.apache.org/viewcvs/httpd/mod_python/trunk/lib/python/mod_python/publisher.py?rev=384754&r1=384753&r2=384754&view=diff
==============================================================================
--- httpd/mod_python/trunk/lib/python/mod_python/publisher.py (original)
+++ httpd/mod_python/trunk/lib/python/mod_python/publisher.py Fri Mar 10 02:20:06 2006
@@ -224,21 +224,6 @@
found_auth, found_access = 0, 0
- # because ap_get_basic insists on making sure that AuthName and
- # AuthType directives are specified and refuses to do anything
- # otherwise (which is technically speaking a good thing), we
- # have to do base64 decoding ourselves.
- #
- # to avoid needless header parsing, user and password are parsed
- # once and the are received as arguments
- if not user and req.headers_in.has_key("Authorization"):
- try:
- s = req.headers_in["Authorization"][6:]
- s = base64.decodestring(s)
- user, passwd = s.split(":", 1)
- except:
- raise apache.SERVER_RETURN, apache.HTTP_BAD_REQUEST
-
if hasattr(object, "__auth_realm__"):
realm = object.__auth_realm__
@@ -281,6 +266,22 @@
if hasattr(object, "__access__"):
__access__ = object.__access__
found_access = 1
+
+ if found_auth or found_access:
+ # because ap_get_basic insists on making sure that AuthName and
+ # AuthType directives are specified and refuses to do anything
+ # otherwise (which is technically speaking a good thing), we
+ # have to do base64 decoding ourselves.
+ #
+ # to avoid needless header parsing, user and password are parsed
+ # once and the are received as arguments
+ if not user and req.headers_in.has_key("Authorization"):
+ try:
+ s = req.headers_in["Authorization"][6:]
+ s = base64.decodestring(s)
+ user, passwd = s.split(":", 1)
+ except:
+ raise apache.SERVER_RETURN, apache.HTTP_BAD_REQUEST
if found_auth:
Modified: httpd/mod_python/trunk/test/htdocs/tests.py
URL: http://svn.apache.org/viewcvs/httpd/mod_python/trunk/test/htdocs/tests.py?rev=384754&r1=384753&r2=384754&view=diff
==============================================================================
--- httpd/mod_python/trunk/test/htdocs/tests.py (original)
+++ httpd/mod_python/trunk/test/htdocs/tests.py Fri Mar 10 02:20:06 2006
@@ -1028,18 +1028,26 @@
def test_publisher_auth_nested(req):
def __auth__(req, user, password):
test_globals = test_publisher
+ req.notes["auth_called"] = "1"
return user == "spam" and password == "eggs"
def __access__(req, user):
+ req.notes["access_called"] = "1"
return 1
+ assert(int(req.notes.get("auth_called",0)))
+ assert(int(req.notes.get("access_called",0)))
return "test ok, interpreter=%s" % req.interpreter
class _test_publisher_auth_method_nested:
def method(self, req):
def __auth__(req, user, password):
test_globals = test_publisher
+ req.notes["auth_called"] = "1"
return user == "spam" and password == "eggs"
def __access__(req, user):
+ req.notes["access_called"] = "1"
return 1
+ assert(int(req.notes.get("auth_called",0)))
+ assert(int(req.notes.get("access_called",0)))
return "test ok, interpreter=%s" % req.interpreter
test_publisher_auth_method_nested = _test_publisher_auth_method_nested()
Modified: httpd/mod_python/trunk/test/test.py
URL: http://svn.apache.org/viewcvs/httpd/mod_python/trunk/test/test.py?rev=384754&r1=384753&r2=384754&view=diff
==============================================================================
--- httpd/mod_python/trunk/test/test.py (original)
+++ httpd/mod_python/trunk/test/test.py Fri Mar 10 02:20:06 2006
@@ -2009,6 +2009,34 @@
if (rsp != "test ok, interpreter=test_publisher_auth_method_nested"):
self.fail(`rsp`)
+ def test_publisher_auth_digest_conf(self):
+ c = VirtualHost("*",
+ ServerName("test_publisher_auth_digest"),
+ DocumentRoot(DOCUMENT_ROOT),
+ Directory(DOCUMENT_ROOT,
+ SetHandler("mod_python"),
+ PythonHandler("mod_python.publisher"),
+ PythonDebug("On")))
+ return str(c)
+
+ def test_publisher_auth_digest(self):
+ print "\n * Testing mod_python.publisher auth digest compatability"
+
+ # The contents of the authorization header is not relevant,
+ # as long as it looks valid.
+
+ conn = httplib.HTTPConnection("127.0.0.1:%s" % PORT)
+ conn.putrequest("GET", "/tests.py/test_publisher", skip_host=1)
+ conn.putheader("Host", "%s:%s" % ("test_publisher_auth_digest", PORT))
+ conn.putheader("Authorization", 'Digest username="Mufasa", realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1", opaque="5ccc069c403ebaf9f0171e9517f40e41"')
+ conn.endheaders()
+ response = conn.getresponse()
+ rsp = response.read()
+ conn.close()
+
+ if (rsp != "test ok, interpreter=test_publisher_auth_digest"):
+ self.fail(`rsp`)
+
def test_publisher_security_conf(self):
c = VirtualHost("*",
ServerName("test_publisher"),
@@ -2358,6 +2386,7 @@
perRequestSuite.addTest(PerRequestTestCase("test_publisher"))
perRequestSuite.addTest(PerRequestTestCase("test_publisher_auth_nested"))
perRequestSuite.addTest(PerRequestTestCase("test_publisher_auth_method_nested"))
+ perRequestSuite.addTest(PerRequestTestCase("test_publisher_auth_digest"))
perRequestSuite.addTest(PerRequestTestCase("test_publisher_old_style_instance"))
perRequestSuite.addTest(PerRequestTestCase("test_publisher_instance"))
perRequestSuite.addTest(PerRequestTestCase("test_publisher_security"))