Basic/Digest HTTP Authentication in a Pyramid application
I have a very simple Pyramid app (my first one) and I'd like to 'lock' a couple of view callables with Basic/Digest HTTP Authentication (the generic login popup). This app will be administered by just one user. So I'd like a very basic security.
I've read theory about Pyramid's Authentication Policy, AuthKit, repoze.who, etc. But still can someone give me a simple example/idea of a very very basic security in a Pyramid app, just to lock several view callables from the world?
Note: If somebody else is doing Basic Auth for a wsgi-app through Nginx and you used Cookbook conf to run your app with upstream, you may confront an issue when after successful authentication Nginx leads you to 404. All you have to do is point your restricted location to the same upstream:
location /restricted {
    proxy_pass http://myapp-site;
    auth_basic "Restricted";
    auth_basic_user_file htpasswd;
}
Comments (1)
If you only have say one "/admin" section with one administrator you can configure nginx as a reverse proxy with authentication.
I'm using this to "protect" public sections of demo sites before opening to the whole world.
The advantage is that you can use exactly the same method for serving Django or Pylons applications, and it's very simple yet robust.
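Added example, not part of the answer above and not Pyramid's own code: when no nginx sits in front of the app, the same single-user lock can be applied by wrapping the WSGI application object (in Pyramid, the result of `config.make_wsgi_app()`) in a small standard-library middleware. `BasicAuthPrefix`, `credentials_ok`, `status_for`, the `/admin` default prefix and the sample login are assumptions made for this example.

```python
import base64
import hashlib
import hmac

# Constructed sample credentials (assumption): keep only a salted hash on disk.
SALT = b"constructed-salt"
ADMIN_USER = b"admin"
ADMIN_HASH = hashlib.pbkdf2_hmac("sha256", b"s3cret-example", SALT, 100_000)

def credentials_ok(header):
    """True only for a well-formed Basic header carrying the admin login."""
    scheme, _, token = (header or "").partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        raw = base64.b64decode(token.strip(), validate=True)
        user, sep, password = raw.decode("utf-8").partition(":")
    except ValueError:  # bad base64 or bad UTF-8: reject, never crash
        return False
    if not sep:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    # compare_digest keeps the comparison time independent of the mismatch
    user_ok = hmac.compare_digest(user.encode(), ADMIN_USER)
    return hmac.compare_digest(digest, ADMIN_HASH) and user_ok

class BasicAuthPrefix:
    """Hypothetical WSGI middleware: demand Basic auth below `prefix`."""
    def __init__(self, app, prefix="/admin", realm="Restricted"):
        self.app, self.prefix, self.realm = app, prefix.rstrip("/"), realm

    def __call__(self, environ, start_response):
        path = environ.get("PATH_INFO", "")
        # Match whole path segments so /administrator is not caught by /admin
        protected = path == self.prefix or path.startswith(self.prefix + "/")
        if protected and not credentials_ok(environ.get("HTTP_AUTHORIZATION")):
            challenge = ("WWW-Authenticate", 'Basic realm="%s"' % self.realm)
            start_response("401 Unauthorized", [challenge, ("Content-Type", "text/plain")])
            return [b"Authentication required\n"]
        return self.app(environ, start_response)

def status_for(path, authorization=None):
    """Send one constructed request through the middleware; return the status."""
    def inner(environ, start_response):  # stand-in for the real WSGI app
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"ok\n"]
    environ = {"PATH_INFO": path, "HTTP_AUTHORIZATION": authorization or ""}
    seen = []
    BasicAuthPrefix(inner)(environ, lambda status, headers: seen.append(status))
    return seen[0]
```

Basic credentials are only base64-encoded on the wire, so the protected paths belong behind TLS whether the check runs in nginx or in the application.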