[Twisted-web] Cannot redirect to a SessionWrapper-wrapped page (example code included)

kgi iacovou at gmail.com
Mon Jul 16 06:51:24 EDT 2007 

Hi all.

I've got the following setup on a nevow site (actually, it's an Athena site, 
but I suspect that's incidental):

  - I want the initial visit to the root to be redirected to a named location
    on the same site (that is, http://foo.com/ => http://foo.com/bar);

  - I want the named location to present a login page using 
    guard.SessionWrapper and twisted.cred;

  - Once authenticated, the application proper is available at the name
    location.

At the moment, I've got the following situtation:

  - Publishing the DummyPage() at the root works.
  - Publishing the LivePage() without the SessionWrapper at the root works[1].
  - Publishing the LivePage with the SessionWrapper at the root works.
  - Redirecting to the DummyPage() works.
  - Redirecting to the LivePage without the SessionWrapper works.
  - However, redirecting to the LivePage with the SessionWrapper seems to get
    into some sort of loop.

[1] Where "publishing at the root" means, "passing the resource to 
appserver.NevowSite()" on line 157-ish

The cred and guard stuff is more or less lifted from nevow/examples/guarded.py

Specifically, Firefox 2.0.0.3 (at least, that's what it reports; it's the 
latest version on Ubuntu Feisty) says:

"""
The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this 
address in a way that will never complete.

    *   This problem can sometimes be caused by disabling or refusing to       
        accept cookies.
"""

(It is set up to accept all cookies).

Internet Explorer 6 (ies4linux) simply says that the site is unavailable, but 
I can see from the server side logs that it is hitting the server multiple 
times, in the same way as FF.

The server prints out something like this (I'm editing, because it's quite 
verbose):

"GET / HTTP/1.1"

"GET /foopage HTTP/1.1"

"GET /foopage/__session_key__ae8692cb175716b50ba92a316f586f97 HTTP/1.1"

"GET /foopage?__start_session__=1 HTTP/1.1"

"GET /foopage/__session_key__9237e1a6dcd263df40dc3f6357167474?__start_session__=1 
HTTP/1.1"

"GET /foopage?__start_session__=1 HTTP/1.1"

"GET /foopage/__session_key__6e06ee432ba04231e1b1e887d024f04c?__start_session__=1 
HTTP/1.1"

...

[repeated about 10 times in total]

...

[delay]

expired session ae8692cb175716b50ba92a316f586f97
expired session 9237e1a6dcd263df40dc3f6357167474
[repeated about 10 times in total]

I've attached a single-file example of the problem.

Can anyone spot what I'm doing wrong?

Regards,

Ricky

-------------- next part --------------
A non-text attachment was scrubbed...
Name: redirectToGuard.py
Type: application/x-python
Size: 4697 bytes
Desc: not available
Url : http://twistedmatrix.com/pipermail/twisted-web/attachments/20070716/729b2a5a/redirectToGuard.bin

More information about the Twisted-web mailing list