Comments for Jim Hoskins http://jimhoskins.com Yeah... it's awesome Thu, 20 Nov 2008 21:58:39 +0000 http://wordpress.org/?v=2.5.1 Comment on CherryPy Digest and Basic Authentication Tutorial by morecowbell http://jimhoskins.com/2008/07/21/cherrypy-digest-and-basic-authentication/#comment-42 morecowbell Tue, 02 Sep 2008 21:56:30 +0000 http://jimhoskins.com/?p=5#comment-42 thanks for clearing that up. the example was somewhat contrived and predicated by laziness doing a "functional" redirect. obviously, that doesn't work and you probably saved me a wild goose chase or two down the road :) thanks again. thanks for clearing that up. the example was somewhat contrived and predicated by laziness doing a “functional” redirect. obviously, that doesn’t work and you probably saved me a wild goose chase or two down the road :) thanks again.

]]> Comment on CherryPy Digest and Basic Authentication Tutorial by Jim Hoskins http://jimhoskins.com/2008/07/21/cherrypy-digest-and-basic-authentication/#comment-37 Jim Hoskins Wed, 27 Aug 2008 23:30:22 +0000 http://jimhoskins.com/?p=5#comment-37 @morecowbell: I am not exactly sure what you are going for in your example, but maybe this helps. If you want everything on your server to be protected, you can simply replace "/secure" with "/" in the configuration. CherryPy triggers authentication before the target method is called, based on the request path. If you manually call the method, CherryPy won't be able to tell, and authentication will not be triggered. My suggestion would be to either: 1) Send a HTTP Redirect from root.index, this will cause the client to request /secure, and authentication will be triggered. Or, 2) Add or change the configuration to include authentication for "/" and authentiaction will trigger on any request. The use case you suggested seems possible, if the authentication code could be implemented as a decorator, but that functionality does not exist as far as I know. I may hack around with it to see if it can be done. I hope this helps, let me know if I didn't fully answer your question. @morecowbell:

I am not exactly sure what you are going for in your example, but maybe this helps.

If you want everything on your server to be protected, you can simply replace “/secure” with “/” in the configuration.

CherryPy triggers authentication before the target method is called, based on the request path. If you manually call the method, CherryPy won’t be able to tell, and authentication will not be triggered.

My suggestion would be to either:
1) Send a HTTP Redirect from root.index, this will cause the client to request /secure, and authentication will be triggered. Or,
2) Add or change the configuration to include authentication for “/” and authentiaction will trigger on any request.

The use case you suggested seems possible, if the authentication code could be implemented as a decorator, but that functionality does not exist as far as I know. I may hack around with it to see if it can be done.

I hope this helps, let me know if I didn’t fully answer your question.

]]> Comment on CherryPy Digest and Basic Authentication Tutorial by morecowbell http://jimhoskins.com/2008/07/21/cherrypy-digest-and-basic-authentication/#comment-36 morecowbell Wed, 27 Aug 2008 21:42:57 +0000 http://jimhoskins.com/?p=5#comment-36 excellent. thanks. got a question: using the basic_auth module from above but changing RootServer class to (in order to force the sign in pop up with out the user having to follow a link, for example): class RootServer: s = SecureServer() @cherrypy.expose def index(self): return self.s.index() seems to circumvent the sign-in process. i was under the impression that the configuration for '/secure' would still require login and make sure that when the methods in that class are called, authentication is required. i seem to be missing something major here. thx excellent. thanks.
got a question: using the basic_auth module from above but changing RootServer class to (in order to force the sign in pop up with out the user having to follow a link, for example):
class RootServer:
s = SecureServer()
@cherrypy.expose
def index(self):
return self.s.index()

seems to circumvent the sign-in process. i was under the impression that the configuration for ‘/secure’ would still require
login and make sure that when the methods in that class are called, authentication is required. i seem to be missing something major here. thx

]]> Comment on CherryPy Digest and Basic Authentication Tutorial by morecowbell http://jimhoskins.com/2008/07/21/cherrypy-digest-and-basic-authentication/#comment-20 morecowbell Fri, 22 Aug 2008 05:15:46 +0000 http://jimhoskins.com/?p=5#comment-20 awesome. most helpful. thank you very much! awesome. most helpful. thank you very much!

]]> Comment on CherryPy Digest and Basic Authentication Tutorial by rohmad http://jimhoskins.com/2008/07/21/cherrypy-digest-and-basic-authentication/#comment-15 rohmad Fri, 15 Aug 2008 02:49:59 +0000 http://jimhoskins.com/?p=5#comment-15 thanks alot!...its very useful thanks alot!…its very useful

]]> Comment on Cherrypy Digest Auth POST problem (and solution!) by Alex http://jimhoskins.com/2008/07/18/cherrypy-digest-auth-post-problem-and-solution/#comment-14 Alex Thu, 14 Aug 2008 17:05:10 +0000 http://jimhoskins.com/?p=4#comment-14 Your blog is interesting! Keep up the good work! Your blog is interesting!

Keep up the good work!

]]> Comment on Cherrypy Digest Auth POST problem (and solution!) by Jim Hoskins http://jimhoskins.com/2008/07/18/cherrypy-digest-auth-post-problem-and-solution/#comment-13 Jim Hoskins Sun, 03 Aug 2008 04:22:22 +0000 http://jimhoskins.com/?p=4#comment-13 Robert, Awesome, I will have to check the version of cherrypy installed for the project in which I encountered this bug. I believe it is the latest stable. I had seen a bug report for this issue before, but It stated it had been fixed in a version prior to my current install. I will look into it and update this article accordingly. Robert,

Awesome, I will have to check the version of cherrypy installed for the project in which I encountered this bug. I believe it is the latest stable. I had seen a bug report for this issue before, but It stated it had been fixed in a version prior to my current install.

I will look into it and update this article accordingly.

]]> Comment on Cherrypy Digest Auth POST problem (and solution!) by Robert Brewer http://jimhoskins.com/2008/07/18/cherrypy-digest-auth-post-problem-and-solution/#comment-12 Robert Brewer Sun, 03 Aug 2008 04:16:21 +0000 http://jimhoskins.com/?p=4#comment-12 I believe this issue was addressed in http://www.cherrypy.org/ticket/786 and http://www.cherrypy.org/ticket/819. Let us know if it persists. I believe this issue was addressed in http://www.cherrypy.org/ticket/786 and http://www.cherrypy.org/ticket/819. Let us know if it persists.

]]> Comment on CherryPy Digest and Basic Authentication Tutorial by Robert Brewer http://jimhoskins.com/2008/07/21/cherrypy-digest-and-basic-authentication/#comment-11 Robert Brewer Sun, 03 Aug 2008 04:08:44 +0000 http://jimhoskins.com/?p=5#comment-11 Excellent! Thanks so much for this tutorial! We need more helpful people like you and articles like this one. :) Excellent! Thanks so much for this tutorial! We need more helpful people like you and articles like this one. :)

]]> Comment on CherryPy Digest and Basic Authentication Tutorial by Green Data http://jimhoskins.com/2008/07/21/cherrypy-digest-and-basic-authentication/#comment-10 Green Data Sat, 26 Jul 2008 15:15:48 +0000 http://jimhoskins.com/?p=5#comment-10 Cool man, this is really useful as I was going to implement some API (JSON) for my web application and was willing to authenticate such requests. Anyway, I'll add your blog into my Feed Reader as it seems that you are a Python/Cherrypy fan like me. Cool man, this is really useful as I was going to implement some API (JSON) for my web application and was willing to authenticate such requests.
Anyway, I’ll add your blog into my Feed Reader as it seems that you are a Python/Cherrypy fan like me.

]]>