皮纳克斯Apache:仅向经过身份验证的用户传递附件
我希望 Apache 和 Pinax 只向经过身份验证的用户提供附件。
我找到了这个帖子,但我无法做到工作。
我的 Apache-conf-file:
WSGIPythonPath /usr/local/bin/python
<VirtualHost *:80>
ServerName www.domain.com
ServerAlias domain.com
WSGIDaemonProcess k-production python-path=/path/to/app/pinax-env/lib/python2.6/site-packages
WSGIProcessGroup k-production
Alias /site_media /path/to/app/cp/site_media
<Directory /path/to/app/cp/site_media>
Order deny,allow
Allow from all
</Directory>
WSGIScriptAlias /site_media/media/attachments /path/to/app/cp/deploy/pinax.wsgi
<Directory /path/to/app/cp/site_media/media/attachments>
Deny from all
</Directory>
XSendFile On
XSendFileAllowAbove On
WSGIScriptAlias / /path/to/app/cp/deploy/pinax.wsgi
<Directory /path/to/app/cp/deploy>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
和我的(仍然粗略的)视图,应该被调用:
@login_required
def sendfile(request, slug):
app, content_object_id, img = slug.split('/')
project_file = get_object_or_404(Attachment, attachment_file = 'attachments/'+slug)
response = HttpResponse()
response['X-Sendfile'] = os.path.join(settings.MEDIA_ROOT, 'attachments/'+slug)
content_type = 'application/octet-stream'
response['Content-Type'] = content_type
response['Content-Disposition'] = 'attachment; filename="%s"' % os.path.basename(os.path.join(settings.MEDIA_ROOT, 'attachments/'+slug))
return response
无论用户是否登录,Apache 都会抛出 403。
通过开发服务器,我可以访问视图,但不会传输任何数据。
出了什么问题?
I want that Apache and Pinax only deliver Attachments to authenticated users.
I found this post, but i can't make it work.
My Apache-conf-file:
WSGIPythonPath /usr/local/bin/python
<VirtualHost *:80>
ServerName www.domain.com
ServerAlias domain.com
WSGIDaemonProcess k-production python-path=/path/to/app/pinax-env/lib/python2.6/site-packages
WSGIProcessGroup k-production
Alias /site_media /path/to/app/cp/site_media
<Directory /path/to/app/cp/site_media>
Order deny,allow
Allow from all
</Directory>
WSGIScriptAlias /site_media/media/attachments /path/to/app/cp/deploy/pinax.wsgi
<Directory /path/to/app/cp/site_media/media/attachments>
Deny from all
</Directory>
XSendFile On
XSendFileAllowAbove On
WSGIScriptAlias / /path/to/app/cp/deploy/pinax.wsgi
<Directory /path/to/app/cp/deploy>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
and my (still rough) view, that should get called:
@login_required
def sendfile(request, slug):
app, content_object_id, img = slug.split('/')
project_file = get_object_or_404(Attachment, attachment_file = 'attachments/'+slug)
response = HttpResponse()
response['X-Sendfile'] = os.path.join(settings.MEDIA_ROOT, 'attachments/'+slug)
content_type = 'application/octet-stream'
response['Content-Type'] = content_type
response['Content-Disposition'] = 'attachment; filename="%s"' % os.path.basename(os.path.join(settings.MEDIA_ROOT, 'attachments/'+slug))
return response
Apache throws a 403 no matter if the user is logged in.
Via the develoment-server i can access the view, but no data will get transmitted.
What is wrong?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我试图做几乎完全相同的事情,结果证明解决方案不是使用 WSGIScriptAlias,而是使用定义 wsgi 处理程序的目录的常规别名。对于视图,我基本上只是围绕 django.views.static.serve 编写了一个包装器。
我的 apache conf 最终看起来像这样:
I was trying to do pretty much exactly the same thing, and the solution turned out to be not using WSGIScriptAlias, and instead using a regular Alias to a directory that defined a wsgi handler. For the view I basically just wrote a wrapper around django.views.static.serve.
My apache conf ended up looking like this:
首先尝试专注于开发服务器 - 因为它的设置更简单,因此更不容易出错。
也许可以尝试这个:
但是通过使用开发服务器,您将不会获得任何文件服务,因为 Apache 将执行文件服务。
您只需确保发送到 apache 的数据是正确的即可。
或者使用(不推荐用于您的生产服务器)
而不是
一些链接:
Try to concentrate on the development server first - since it is a simpler setup and thus less error prone.
Perhaps try this:
But by using the dev server you won't get any files served, since Apache will do the file serving.
You can just ensure, the data sent to apache is correct.
Or use (not recommended for your production server)
instead of
Some Links: