| 25 | | To check against Django's authorization database from a Apache configuration |
| 26 | | file, you'll need to use mod_python's ``PythonAuthenHandler`` directive along |
| | 25 | Make sure that mod_wsgi is installed and activated and that you have |
| | 26 | followed the steps to |
| | 27 | :ref:`use Django with Apache and mod_wsgi <howto-deployment-modwsgi>`. |
| | 28 | |
| | 29 | Next, edit the Apache ``httpd.conf`` file to add a path that you want |
| | 30 | only authenticated users to be able to view: |
| | 31 | |
| | 32 | .. code-block:: apache |
| | 33 | |
| | 34 | WSGIScriptAlias / /path/to/mysite/apache/django.wsgi |
| | 35 | |
| | 36 | WSGIProcessGroup %{GLOBAL} |
| | 37 | WSGIApplicationGroup django |
| | 38 | |
| | 39 | <Location "/secret"> |
| | 40 | AuthType Basic |
| | 41 | AuthName "Top Secret" |
| | 42 | Require valid-user |
| | 43 | AuthBasicProvider wsgi |
| | 44 | WSGIAuthUserScript /path/to/mysite/apache/django.wsgi |
| | 45 | </Location> |
| | 46 | |
| | 47 | The ``WSGIAuthUserScript`` directive tells mod_wsgi to execute the |
| | 48 | ``check_password`` function in that script passing the user name and |
| | 49 | password that it receives from the prompt. In this example, |
| | 50 | the ``WSGIAuthUserScript`` is the same as the ``WSGIScriptAlias`` that |
| | 51 | defines your application. |
| | 52 | |
| | 53 | .. admonition:: Using Apache 2.2 with authentication |
| | 54 | |
| | 55 | Make sure that ``mod_auth_basic`` and ``mod_authz_user`` are loaded. |
| | 56 | |
| | 57 | These might be compiled statically into Apache, or you might need to use |
| | 58 | LoadModule to load them dynamically in your ``httpd.conf``: |
| | 59 | |
| | 60 | .. code-block:: apache |
| | 61 | |
| | 62 | LoadModule auth_basic_module modules/mod_auth_basic.so |
| | 63 | LoadModule authz_user_module modules/mod_authz_user.so |
| | 64 | |
| | 65 | Finally, edit your "WSGI file" to tie Apache's authentication to your site's |
| | 66 | users: |
| | 67 | |
| | 68 | .. code-block:: python |
| | 69 | |
| | 70 | import os |
| | 71 | import sys |
| | 72 | |
| | 73 | os.environ['DJANGO_SETTINGS_MODULE'] = 'mysite.settings' |
| | 74 | |
| | 75 | from django.contrib.auth.handlers.modwsgi import authenticate_user |
| | 76 | |
| | 77 | def check_password(environ, user, password): |
| | 78 | return authenticate_user(environ, user, password) |
| | 79 | |
| | 80 | from django.core.handlers.wsgi import WSGIHandler |
| | 81 | |
| | 82 | application = WSGIHandler() |
| | 83 | |
| | 84 | |
| | 85 | Requests beginning with ``/secret/`` will now require a user to authenticate. |
| | 86 | |
| | 87 | The mod_wsgi `access control mechanisms documentation`_ provides additional |
| | 88 | details and information about alternative methods of authentication. |
| | 89 | |
| | 90 | .. _access control mechanisms documentation: http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms |
| | 91 | |
| | 92 | Authentication with mod_python |
| | 93 | ============================== |
| | 94 | |
| | 95 | To check against Django's authorization database from mod_python, |
| | 96 | you'll need to use mod_python's ``PythonAuthenHandler`` directive along |