mod_python OpenID Access Control
Since XRI is pretty much in bed with OpenID and NeuStar is an XRI shop, I get to play around with it quite a bit.
Here’s a little success report about using JanRain’s mpopenid module to protect certain restricted resources served by Apache. It works somewhat like your basic HTTP authentication, but instead of returning a 401 Authorization Required response causing the browser to prompt for username and password, it redirects you to the OpenID login page. Pretty neat eh?
So, here’s how we go about doing it.
My ingredients:
- Apache 2.2.4
- Python 2.5
- mod_python 3.2.10
- JanRain’s Python OpenID library combo 1.2.0 (which includes dependencies: Yadis 1.1.0 + urljr 1.0.1)
- mpopenid 1.2.0-pre5 (yet to be released on the main project site which is still showing 1.0.0)
Following the recipes in this README file, I was able to set it up with one caveat: Python ElementTree module is a dependency of the Python Yadis library and you need to first install that.
Did I mention that you could login using an I-name?
UPDATE:
The following patch for mpopenid.py is needed to make i-name login work:
--- mpopenid-1.2.0-pre5/mpopenid.py Tue Nov 21 20:24:53 2006
+++ mpopenid-1.2.0-pre5-wil/mpopenid.py Sun Jan 14 16:12:16 2007
@@ -157,10 +157,17 @@
url = s.strip()
if not url:
continue
- parsed = urlparse.urlparse(url)
- if not (parsed[0] and parsed[1]):
- url = 'http://' + url
- urls.append(urinorm(url))
+
+ if (url[0:6].lower() == "xri://"):
+ url = url[6:] # strip "xri://"
+
+ if (url[0] not in "=@!$+"): # doesn't look like an XRI
+ parsed = urlparse.urlparse(url)
+ if not (parsed[0] and parsed[1]):
+ url = 'http://' + url
+ url = urinorm(url)
+
+ urls.append(url)
return urls
Related posts:
- web.py with mod_python on Apache Normally, I’m a Django-head, but today I wanted a quick way to write a small web app and have heard...
- OpenID for Drupal There was a thread on the OpenID list around the subject of OpenID support in Drupal. Previously, I’ve experimented with...
- This blog is OpenID enabled! One thing led to another. After reading my previous entry on “mod_python OpenID Access Control”, Nate Olson contacted me...
- New site: xrid.net I really shouldn’t blogging that much now that I have three weeks left to pack up and move to Virginia....
- On Mobile OpenID in Japan This presentation by =zigorou (Toru Yamaguchi) titled “Considering OpenID for Mobile” (Thanks =peterd and =nat) is particularly interesting for me...
Related posts brought to you by Yet Another Related Posts Plugin.