mirror of
				https://github.com/django/django.git
				synced 2025-10-25 14:46:09 +00:00 
			
		
		
		
	git-svn-id: http://code.djangoproject.com/svn/django/trunk@3012 bcc190cf-cafb-0310-a4f2-bffc1f526a37
		
			
				
	
	
		
			72 lines
		
	
	
		
			3.2 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			72 lines
		
	
	
		
			3.2 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| =========================================================
 | |
| Authenticating against Django's user database from Apache
 | |
| =========================================================
 | |
| 
 | |
| Since keeping multiple authentication databases in sync is a common problem when
 | |
| dealing with Apache, you can configuring Apache to authenticate against Django's
 | |
| `authentication system`_ directly.  For example, you could:
 | |
| 
 | |
|     * Serve media files directly from Apache only to authenticated users.
 | |
| 
 | |
|     * Authenticate access to a Subversion_ repository against Django users with
 | |
|       a certain permission.
 | |
| 
 | |
|     * Allow certain users to connect to a WebDAV share created with mod_dav_.
 | |
| 
 | |
| Configuring Apache
 | |
| ==================
 | |
| 
 | |
| To check against Django's authorization database from a Apache configuration
 | |
| file, you'll need to use mod_python's ``PythonAuthenHandler`` directive along
 | |
| with the standard ``Auth*`` and ``Require`` directives::
 | |
| 
 | |
|     <Location /example/>
 | |
|         AuthType basic
 | |
|         AuthName "example.com"
 | |
|         Require valid-user
 | |
| 
 | |
|         SetEnv DJANGO_SETTINGS_MODULE mysite.settings
 | |
|         PythonAuthenHandler django.contrib.auth.handlers.modpython
 | |
|     </Location>
 | |
| 
 | |
| By default, the authentication handler will limit access to the ``/example/``
 | |
| location to users marked as staff members.  You can use a set of
 | |
| ``PythonOption`` directives to modify this behavior:
 | |
| 
 | |
|     ================================  =========================================
 | |
|     ``PythonOption``                  Explanation
 | |
|     ================================  =========================================
 | |
|     ``DjangoRequireStaffStatus``      If set to ``on`` only "staff" users (i.e.
 | |
|                                       those with the ``is_staff`` flag set)
 | |
|                                       will be allowed.
 | |
| 
 | |
|                                       Defaults to ``on``.
 | |
| 
 | |
|     ``DjangoRequireSuperuserStatus``  If set to ``on`` only superusers (i.e.
 | |
|                                       those with the ``is_superuser`` flag set)
 | |
|                                       will be allowed.
 | |
| 
 | |
|                                       Defaults to ``off``.
 | |
| 
 | |
|     ``DjangoPermissionName``          The name of a permission to require for
 | |
|                                       access. See `custom permissions`_ for
 | |
|                                       more information.
 | |
| 
 | |
|                                       By default no specific permission will be
 | |
|                                       required.
 | |
|     ================================  =========================================
 | |
| 
 | |
| Note that sometimes ``SetEnv`` doesn't play well in this mod_python
 | |
| configuration, for reasons unknown. If you're having problems getting
 | |
| mod_python to recognize your ``DJANGO_SETTINGS_MODULE``, you can set it using
 | |
| ``PythonOption`` instead of ``SetEnv``. Therefore, these two Apache directives
 | |
| are equivalent::
 | |
| 
 | |
|     SetEnv DJANGO_SETTINGS_MODULE mysite.settings
 | |
|     PythonOption DJANGO_SETTINGS_MODULE mysite.settings
 | |
| 
 | |
| .. _authentication system: http://www.djangoproject.com/documentation/authentication/
 | |
| .. _Subversion: http://subversion.tigris.org/
 | |
| .. _mod_dav: http://httpd.apache.org/docs/2.0/mod/mod_dav.html
 | |
| .. _custom permissions: http://www.djangoproject.com/documentation/authentication/#custom-permissions
 |