django - 使用基本身份验证保护一些 Web 路径 [英] django - protect some web paths with basic authentication
问题描述
i'm fairly new to django and just trying a couple simple experiments to get my feet wet. i'm running django 1.0, apache2 prefork and mod_wsgi. I'm trying to build a site with the following url structure
/
/members
/admin
the root is basically a public area.
the members path should be protected using basic-authentication (probably authenticated by apache)
the admin path should be protected using the built in django authentication.
following the examples in documentation i can basically protect the entire site with basic authentication, but that's not what i want.
except from virtual host config:
WSGIScriptAlias / /django/rc/apache/django.wsgi
<Directory /django/rc/apache>
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/django/_HTPASSWD/.htpasswd"
Require valid-user
# Order allow,deny
# Allow from all
</Directory>
Can anyone help point me in the right direction (or flat out tell me =P) on how to make this possible?
thanks
edit: after playing around a little i discovered i can do something like:
WSGIScriptAlias / /django/rc/apache/django.wsgi
<Directory /django/rc/apache>
Order allow,deny
Allow from all
</Directory>
WSGIScriptAlias /members /django/rc/apache_httpauth/django.wsgi
<Directory /django/rc/apache_httpauth>
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/django/_HTPASSWD/.htpasswd"
Require valid-user
</Directory>
The django.wsgi file is basically the same file copied into another directory so that the WSGIScriptAlias is different. It's hack-ish but it works..
Is there a better way to do what i'd like?
Are there any downsides to doing it like this?
thanks
Change:
<Directory /django/rc/apache_httpauth>
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/django/_HTPASSWD/.htpasswd"
Require valid-user
</Directory>
to:
<Location /members>
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/django/_HTPASSWD/.htpasswd"
Require valid-user
</Location>
I don't believe you should need:
WSGIScriptAlias /members /django/rc/apache_httpauth/django.wsgi
这篇关于django - 使用基本身份验证保护一些 Web 路径的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
