[Twisted-web] HTTPAuthSessionWrapper render

Jared Gisin jared.gisin at isilon.com
Wed Jul 1 16:34:41 EDT 2009

Yes, I can file a bug.

Is there a reason why this HTTPAuthSessionWrapper isn't a mixin for
resource.Resource? I've shoehorned it into my own custom subclass of
resource.Resource that could easily be done as a mixin (though not Ideal
due to MRO problem if it's in the wrong order). Better would be to
provide a proper HTTPAuthResource that does it. Thoughts?


-----Original Message-----
From: twisted-web-bounces at twistedmatrix.com
[mailto:twisted-web-bounces at twistedmatrix.com] On Behalf Of Jean-Paul
Sent: Wednesday, July 01, 2009 7:49 AM
To: Twisted Web World
Subject: Re: [Twisted-web] HTTPAuthSessionWrapper render

On Wed, 1 Jul 2009 07:12:25 -0700, Jared Gisin <jared.gisin at isilon.com>
>I guess the problem that I have is that there's an example for it,
>you wrap the root object that gets passed into a
>twisted.web.server.Site() instantiation. My application doesn't require
>auth for every thing in the site; only certain subtrees of the Resource
>hierarchy, so how in the world in a Resource's __init__(self): would I
>hook this up to something that I'd pass into self.putChild()
>Here, I've modified the realm to hand back the Resource object passed
>upon authentication.
>site = server.Site(
>guard.HTTPAuthSessionWrapper(Portal(APIRealm(Root()), CRED_CHECKERS),
>But suppose I have under Root() a resource V1, then the following
>doesn't work:
>class Root(Resource):
>    def __init__(self):
>        Resource.__init__(self)
>        self.putChild('1', guard.HTTPAuthSessionWrapper(
>                       Portal(APIRealm(V1()), CRED_CHECKERS),
>                          CRED_FACTORIES))
>	  Self.putChild('', self)
>What winds up happening is that it things an instance of
>HTTPAuthSessionWrapper is the child of Root, and when I access a URI
>such as /1?blah, which I expect to render something, it winds up
>the render method of that HTTPAuthSessionWrapper, which is wrong. It
>needs to call render of V1(), not it's wrapper. What do I have wrong?

That sounds like a reasonable thing to be doing, in which case what you
said about HTTPAuthSessionWrapper.render passing through to the avatar
sounds like the right behavior.

Can you file a ticket in the issue tracker for this?


Twisted-web mailing list
Twisted-web at twistedmatrix.com

More information about the Twisted-web mailing list