id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
3583	cookie-based modpython / apache authentication	midfield <midfield@…>		"The modpython authentication handler described in

http://www.djangoproject.com/documentation/apache_auth/

is great but it uses HTTP authentication.  This is not exactly transparent: to see protected static content from within a protected django site the user will have to log in TWICE, once for the django bits, and once for the static bits.  In general there are problems with mixing authentication types: security, logging out, etc.

I'm pretty sure it should not be too hard to write an authentication handler (hooking into PythonAuthenHandler) which looks for the session / authentication cookie instead of using HTTP authentication.  I'd do it myself but it has been a long time since I have written apache / modpython modules, so if anyone out there is an expert some help would be much appreciated."		closed	Contrib apps	dev		wontfix	authentication modpython apache	faheem@… andy@… jzylks@…	Accepted	1	0	0	0	0	0