[Twisted-Python] Why would getUser()/getPassword() return ""?

Stuart Hungerford stuart.hungerford at anu.edu.au
Tue Nov 25 00:03:32 EST 2003

Hi all,

Before I move onto learning about cred, guard and more
sophisticated authentication schemes, I'm trying to get a
simple example working with basic HTTP authentication.

I have a resource subclass who's render() method checks the
values of request.getUsername() and request.getPassword():

class request_create(twisted.web.resource.Resource):
     isLeaf = 1
     addSlash = 0

     def render(self, request):
         if (not request.getUser()) or (not request.getPassword()):
             request.setResponseCode(401, 'Authentication required')
             return twisted.web.error.ForbiddenResource().render(request)

         # do work and render HTML ...

The problem is that no matter what I try getUser() and getPassword()
both return the string "" and the web browser never prompts for a

Is the above enough for the simplest possible HTTP authentication
approach in Twisted web or should I be setting HTTP headers before the
request.getUser()/request.getPassword() is performed?

Any advice much appreciated,



:: Stuart Hungerford (stuart.hungerford at anu.edu.au)
:: ANU Internet Futures Group

More information about the Twisted-Python mailing list