id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
4342	Addition information about apache authentication via cookies to mod_python/auth docs	cwurld@…	Jacob	"Hi, 

In ""Authenticating against Django’s user database from Apache"" , you suggest that this might be useful for ""Serve static/media files directly from Apache only to authenticated users."" That sounds really great. Especially given all the dire warnings against serving static file through Django.

However, it seems that the way this code works is a user goes to get a file from a protected dir. Then Apache forces the user to give a username and password. After that, the request gets sent to the django mod_python handler, which then authenticates the entered username and password against the django auth system.

But I am guessing that most developers who want to serve secured static files, don't want the user to have to give apache a username and password. Rather, they would like the authentication to work like any other page in django.

This snippet explains how to solve this problem: http://www.djangosnippets.org/snippets/62/

The reason I think you should add this to the standard django docs is that I think noobs (like me) would run into the problem fairly frequently. And without a deep understanding of apache and mod_python, it is very hard to know what questions to ask to find the solution.

Thanks,
Chuck
"		closed	Documentation	dev		duplicate	authentication, mod_python, docs		Design decision needed	0	1	0	0	0	0