close Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Changes between Version 6 and Version 7 of AuthFramework


Ignore:
Timestamp:
Aug 6, 2008, 8:30:44 PM (16 years ago)
Author:
cmlenz
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AuthFramework

    v6 v7  
    5151
    5252This mode allows the use of HTTP authentication without having to protect the entire URL namespace. Only one or more sub-resources (such as `/login`) are protected by HTTP authentication. When the user visits a protected URL, Diva sets a cookie (in the same manner as with form-based authentication), thereby enabling resources outside of the protected area to identify the user and apply her permissions.
     53
     54== Integration and Utilities ==
     55
     56=== Development Server Integration ===
     57
     58As HTTP authentication is generally performed by the web server, testing a web app relying on HTTP authentication is often inconvenient. The Diva DevelopmentServer makes it easy by providing built-in support for HTTP Digest authentication, which can be enabled simply by specifying a couple of command-line options:
     59
     60{{{
     61$ ./geddit/app.py --help
     62Usage: app.py [options]
     63
     64Options:
     65  -h, --help            show this help message and exit
     66  -O name=value         set a configuration option
     67  -b HOST, --host=HOST  hostname or IP address to bind to (default 127.0.0.1)
     68  -p PORT, --port=PORT  port number to listen to (default 8080)
     69  -r, --auto-reload     automatically restart after code changes (default off)
     70
     71  Authentication:
     72    -D FILE, --digest=FILE
     73                        path to a htdigest file to use for authentication
     74    --realm=REALM       name of the authentication realm (default "Geddit")
     75    --protect=PATH      path(s) to protect by authentication
     76
     77  Logging:
     78    -v, --verbose       print as much as possible
     79    -q, --quiet         print as little as possible
     80}}}
     81
     82The `--digest` option is used to specify the text file containing the credentials, in a format compatible with the [http://httpd.apache.org/docs/2.2/programs/htdigest.html Apache htdigest tool]. The `--realm` option can be used to specify a different realm, where the default is the name of the `Application` class. This realm needs to match the realm used in the digest file.
     83
     84Finally, the `--protect` option can be used to require authentication only on the specified sub-resources. When the `--protect` option is not provided, the whole URI space will require authentication. When it is specified, authentication is only required on the specified paths. To protect more than one path, simply specifiy the option as often as you need.
     85
     86For example:
     87
     88{{{
     89$ ./geddit/app.py -rv --digest auth.digest --protect /login
     90}}}
     91
     92=== Password Management Utilities ===
     93