Pass Authorization headers in fastcgi application

By default, mod_fcgi doens't allow the Authorization header, so
enable -pass-header, and handle the different header name in the
xmlrpc view

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>

diff --git a/apps/patchwork/views/xmlrpc.py b/apps/patchwork/views/xmlrpc.py
index f493cf780f4dc66382ee5bc39077d3e2d116e67a..f7a8dac8381ca1c74dd01da09709ae3ca8367898 100644 (file)
--- a/apps/patchwork/views/xmlrpc.py
+++ b/apps/patchwork/views/xmlrpc.py
@@ -51,10 +51,18 @@ class PatchworkXMLRPCDispatcher(SimpleXMLRPCDispatcher):
 
 
     def _user_for_request(self, request):
-        if not request.META.has_key('HTTP_AUTHORIZATION'):
+       auth_header = None
+
+        if request.META.has_key('HTTP_AUTHORIZATION'):
+           auth_header = request.META.get('HTTP_AUTHORIZATION')
+        elif request.META.has_key('Authorization'):
+           auth_header = request.META.get('Authorization')
+
+       if auth_header is None or auth_header == '':
             raise Exception("No authentication credentials given")
 
-        str = request.META.get('HTTP_AUTHORIZATION').strip()
+        str = auth_header.strip()
+
         if not str.startswith('Basic '):
             raise Exception("Authentication scheme not supported")
 

diff --git a/lib/apache2/patchwork.fastcgi.conf b/lib/apache2/patchwork.fastcgi.conf
index 78d8147a8f172a8d5d45bf289cec74eeea50fb76..a739164db990d2fcdbda1ff1d7b6654b6e038689 100644 (file)
--- a/lib/apache2/patchwork.fastcgi.conf
+++ b/lib/apache2/patchwork.fastcgi.conf
@@ -4,7 +4,7 @@ NameVirtualHost patchwork.example.com:80
 
        Alias /media/ /srv/patchwork/lib/python/django/contrib/admin/media/
 
-       FastCGIExternalServer /srv/patchwork/htdocs/patchwork.fcgi -socket /srv/patchwork/var/fcgi.sock
+       FastCGIExternalServer /srv/patchwork/htdocs/patchwork.fcgi -socket /srv/patchwork/var/fcgi.sock -pass-header Authorization
 
        RewriteEngine On
        RewriteCond %{REQUEST_URI} !^/(images|css|js|media)/.*