[Twisted-Python] Basic HTTP Authentication in Twisted.web

Thomas Weholt 2002 at weholt.org
Tue Feb 18 15:11:03 EST 2003

I need to authenticate users using basic HTTP authentication and the code below works on Mozilla, Opera, that awful KDE browser ;-) and whatever else I throw at it, EXCEPT MSIE. Most of my potential users are MS IE addicts so this is a key point in my project. The code below are ported from a previous project based on BaseHTTPServer. It might be that I didn't send a end_headers-header before sending the plain-text content. This was done in the BaseHTTPServer-solution, but I didn't find any such code in Twisted.

   def render(self, request):
        username = request.getUser()
        password = request.getPassword()
        if not username or not password:
            request.setResponseCode(401, 'Authentication needed')
            request.setHeader('Connection', 'close')
            request.setHeader('WWW-Authenticate', 'Basic realm="%s"' % 'default')
            request.setHeader('Content-Length', str(len('401: Authorization needed.')))
            request.setHeader('Content-Type', 'text/html')
            return '<h1>401 Authentication required</h1>%s' % msg
    # else process the request in a normal way

How can I use Twisted to authenticate users using basic HTTP authentication? Are there any example on how to use the cred-module in Twisted to authenticate users? 

Any information on this issue would be highly appreciated. Ideas on how to maintain user-information and implement security policies in Twisted, especially web-based Twisted-apps are also very interesting.

Best regards,
Thomas Weholt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://twistedmatrix.com/pipermail/twisted-python/attachments/20030218/49f005bf/attachment.htm 

More information about the Twisted-Python mailing list