id,summary,reporter,owner,description,type,status,component,version,severity,resolution,keywords,cc,stage,has_patch,needs_docs,needs_tests,needs_better_patch,easy,ui_ux 3583,cookie-based modpython / apache authentication,midfield ,,"The modpython authentication handler described in http://www.djangoproject.com/documentation/apache_auth/ is great but it uses HTTP authentication. This is not exactly transparent: to see protected static content from within a protected django site the user will have to log in TWICE, once for the django bits, and once for the static bits. In general there are problems with mixing authentication types: security, logging out, etc. I'm pretty sure it should not be too hard to write an authentication handler (hooking into PythonAuthenHandler) which looks for the session / authentication cookie instead of using HTTP authentication. I'd do it myself but it has been a long time since I have written apache / modpython modules, so if anyone out there is an expert some help would be much appreciated.",,closed,Contrib apps,dev,,wontfix,authentication modpython apache,faheem@… andy@… jzylks@…,Accepted,1,0,0,0,0,0