1 Configuring Apache
2 ==================
3
4 To configure applications without authenticators, use the
5 webstack_apache_config.py script (installed with setup.py but also found in
6 tools/Apache) to set up mod_python applications. For example:
7
8 python webstack_apache_config.py \
9 mod_python \
10 /home/paulb/Software/Python/WebStack/examples/ModPython/CookiesApp/CookiesHandler.py \
11 /etc/apache2/sites-available \
12 cookies-mod \
13 /cookies \
14
15 This script can also be used to configure CGI applications. Run the script
16 without any arguments to see the documentation.
17
18 With the above command, the "cookies" application should be visitable with
19 URLs resembling these:
20
21 http://localhost/cookies/test
22 http://localhost/cookies/my-cookies
23
24 The Manual Approach
25 -------------------
26
27 For each application, add a Location section to httpd.conf (or an appropriate
28 equivalent configuration file) as follows:
29
30 <Location "/simple">
31 SetHandler python-program
32 PythonHandler SimpleHandler
33 PythonDebug On
34 PythonPath "['/home/paulb/Software/Python/WebStack/examples/ModPython/SimpleApp'] + sys.path"
35 </Location>
36
37 The WebStack package must reside on the PYTHONPATH, along with the package
38 containing the application itself. Therefore, ensure that the handler uses the
39 appropriate entries in sys.path or use the PythonPath directive as shown
40 above.
41
42 Using the above definition in httpd.conf, only server resources residing
43 directly below "/simple" in the URL "hierarchy" would be associated with the
44 Simple WebStack application's resources. Therefore, the following URL paths
45 would access the application:
46
47 /simple/home
48 /simple/tasks/my-tasks
49 /simple/agenda/tomorrow/first-thing
50
51 Authentication/Authorisation in mod_python
52 ==========================================
53
54 Apache imposes fairly strict controls over authentication, requiring the
55 addition of various declarations in the configuration in order to impose
56 access controls on applications, and for WebStack authenticators to be used, a
57 "PythonAuthenHandler" must be declared in the application's configuration
58 section.
59
60 Consequently, it is necessary to define authentication methods in the
61 httpd.conf file as in the following example:
62
63 <Location "/auth">
64 SetHandler python-program
65 PythonHandler AuthHandler
66 PythonAuthenHandler AuthHandler
67 PythonDebug On
68 AuthType Basic
69 AuthName "AuthResource"
70 AuthUserFile /etc/apache2/users
71 require valid-user
72 PythonPath "['/home/paulb/Software/Python/WebStack/examples/ModPython/AuthApp'] + sys.path"
73 </Location>
74
75 The details of the application's deployment, including the exact pathname of
76 the users file and the appropriate access policy, must obviously be defined
77 according to the actual application concerned.
78
79 Session Storage with mod_python
80 ===============================
81
82 The very simple SessionStore class provided in WebStack.Helpers.Session, and
83 used by the WebStack.ModPython.Transaction class, requires that a directory be
84 created under the Apache server root with the name "WebStack-sessions". Here are
85 some example commands for doing this:
86
87 cd /usr/local/apache2
88 mkdir WebStack-sessions
89 chown username.groupname WebStack-sessions
90
91 The given "username" and "groupname" correspond to the user and group the Apache
92 server assumes when running.
93
94 Cookies and Redirects
95 =====================
96
97 It appears that mod_python does not permit the setting of cookies whilst
98 redirecting, at least with tested versions of mod_python. When initialising the
99 LoginResource, specify use_redirect=0 in the initialisation arguments.