login community faq

Apache Basic Authentication for mod_wsgi (inc. Django) applications

2
2

I am trying to configure authentication in my mod_wsgi folder. Please assist.

Edit: This post (originally deleted by author) has been re-opened and modified from its original content to exclude customer-specific details.

asked Oct 31 '10 at 01:37

glerm's gravatar image

glerm
26112

edited Oct 31 '10 at 02:54

ryans's gravatar image

ryans ♦♦
28411420
3 Answers:
oldestnewestmost voted
3

This is accomplished by editing the httpd.conf for the Apache server that runs your mod_wsgi/Django application. First, add the following lines of code near the top of your mod_wsgi/Django application's httpd.conf file:

1
2
3
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_user_module modules/mod_authz_user.so

And then the following lines after the "WSGIScriptAlias" line (at the end of your httpd.conf):

1
2
3
4
5
6
<Location />
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/path/to/.htpasswd"
Require valid-user
</Location>

It is necessary to restart the Apache instance in order for these changes to take effect.

Note: You can protect a sub-path of an application (for example, /members) using:

1
2
3
4
5
6
<Location /members>
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/path/to/.htpasswd"
Require valid-user
</Location>

Lastly, the 'htpasswd' command is used to create the .htpasswd file referenced above. More information on .htpasswd files (and other features of Apache Basic Authentication) can be found in the related guide for Static/CGI/PHP applications:

http://docs.webfaction.com/software/static.html#password-protecting-a-directory-with-a-static-cgi-php-app

answered Oct 31 '10 at 03:01

ryans's gravatar image

ryans ♦♦
28411420

edited Oct 31 '10 at 03:02

This doesn't work with a mod_wsgi application!

(Jan 31 '11 at 09:16) khaz khaz's gravatar image

Did you add the required modules to the top of your httpd.conf?

LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authz_user_module modules/mod_authz_user.so

(Jan 31 '11 at 10:05) tie tie's gravatar image

That worked to me just fine. For the ones (like me) that just copy-paste this piece of code, just remember at line "AuthUserFile" to subtitute '/path/to' with the path where .htpasswd file is. You should put the relevant path (e.g. AuthUserFile "../.htpasswd").

(Feb 02 '12 at 15:01) zafm zafm's gravatar image
2

You can also achieve this easily within django and login a django user. See this sample views.py:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
import base64
from django.contrib.auth import authenticate
from django.http import HttpResponse
from django.shortcuts import render_to_response

def basic_auth(request):    
    if request.META.get('HTTP_AUTHORIZATION', 'whatever')[:5] == 'Basic':    
        auth = base64.b64decode(request.META.get('HTTP_AUTHORIZATION', 'none')[6:]).split(":")    
        if authenticate(username=auth[0], password=auth[1]) is not None:    
            return render_to_response('template.html', {})    
    response = HttpResponse()    
    response.status_code = 401    
    response['WWW-Authenticate'] = 'Basic realm="Basic Auth"'    
    return response

answered Nov 01 '10 at 12:19

lamusoftware's gravatar image

lamusoftware
1679

edited Nov 02 '10 at 07:21

Note to self - requires WSGIPassAuthorization On directive in .htaccess

(Nov 22 '10 at 06:57) lamusoftware lamusoftware's gravatar image
2

I have found that if you are using Django & mod_wsgi, you need to add the following configuration directive to your httpd.conf file:

WSGIPassAuthorization On

(see this old forum topic)

answered Feb 24 '11 at 09:51

redseam's gravatar image

redseam
212

edited Feb 24 '11 at 09:53

Thanks - this fixed Tasty-Pie access problems for me.

(Apr 02 at 22:34) kpd kpd's gravatar image
Your answer
If you have an answer to the above question, then use the form below. Otherwise, use the appropriate 'add new comment' button above to post your feedback.
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

×643
×25
×14
×11

Asked: Oct 31 '10 at 01:37

Seen: 3,124 times

Last updated: Apr 02 at 22:34

Related questions

InterfaceError: connection already closed

What are the steps to convert a Django application from Apache/mod_wsgi to Gunicorn?

authentication - Internal Server Error

Reloading mod_wsgi applications

Installing Django application

Added new django app, now page shows 404, not even django 404

Pinax installation

Existing django project

Installing apache modules with axps

wrong ELF class: ELFCLASS32 - Problem with Apache2/Python/Django

Plans & prices    Sign up    Why WebFaction?    Contact us    Affiliate program    Support    Legal    Jobs    Blog    Control panel login
Powered by OSQA
© Copyright 2003-2012 Swarma Limited - WebFaction is a service of Swarma Limited