diff -r 261778de26ff -r 620f9b141567 thirdparty/google_appengine/lib/django/docs/apache_auth.txt --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/thirdparty/google_appengine/lib/django/docs/apache_auth.txt Tue Aug 26 21:49:54 2008 +0000 @@ -0,0 +1,71 @@ +========================================================= +Authenticating against Django's user database from Apache +========================================================= + +Since keeping multiple authentication databases in sync is a common problem when +dealing with Apache, you can configuring Apache to authenticate against Django's +`authentication system`_ directly. For example, you could: + + * Serve static/media files directly from Apache only to authenticated users. + + * Authenticate access to a Subversion_ repository against Django users with + a certain permission. + + * Allow certain users to connect to a WebDAV share created with mod_dav_. + +Configuring Apache +================== + +To check against Django's authorization database from a Apache configuration +file, you'll need to use mod_python's ``PythonAuthenHandler`` directive along +with the standard ``Auth*`` and ``Require`` directives:: + + + AuthType basic + AuthName "example.com" + Require valid-user + + SetEnv DJANGO_SETTINGS_MODULE mysite.settings + PythonAuthenHandler django.contrib.auth.handlers.modpython + + +By default, the authentication handler will limit access to the ``/example/`` +location to users marked as staff members. You can use a set of +``PythonOption`` directives to modify this behavior: + + ================================ ========================================= + ``PythonOption`` Explanation + ================================ ========================================= + ``DjangoRequireStaffStatus`` If set to ``on`` only "staff" users (i.e. + those with the ``is_staff`` flag set) + will be allowed. + + Defaults to ``on``. + + ``DjangoRequireSuperuserStatus`` If set to ``on`` only superusers (i.e. + those with the ``is_superuser`` flag set) + will be allowed. + + Defaults to ``off``. + + ``DjangoPermissionName`` The name of a permission to require for + access. See `custom permissions`_ for + more information. + + By default no specific permission will be + required. + ================================ ========================================= + +Note that sometimes ``SetEnv`` doesn't play well in this mod_python +configuration, for reasons unknown. If you're having problems getting +mod_python to recognize your ``DJANGO_SETTINGS_MODULE``, you can set it using +``PythonOption`` instead of ``SetEnv``. Therefore, these two Apache directives +are equivalent:: + + SetEnv DJANGO_SETTINGS_MODULE mysite.settings + PythonOption DJANGO_SETTINGS_MODULE mysite.settings + +.. _authentication system: ../authentication/ +.. _Subversion: http://subversion.tigris.org/ +.. _mod_dav: http://httpd.apache.org/docs/2.0/mod/mod_dav.html +.. _custom permissions: ../authentication/#custom-permissions