diff options
author | Sviatoslav Sydorenko <wk@sydorenko.org.ua> | 2018-04-22 19:16:29 +0200 |
---|---|---|
committer | Sviatoslav Sydorenko <wk@sydorenko.org.ua> | 2018-04-22 19:16:29 +0200 |
commit | 19228694516bd4255540d9429c6c6b4a8611fb9c (patch) | |
tree | ad4fb0bad7670acfcefc37edb8971d8a6ea7d446 | |
parent | 13e9f4019707722318e27e3574f67c837ecf60c1 (diff) | |
download | cherrypy-git-19228694516bd4255540d9429c6c6b4a8611fb9c.tar.gz |
Update doc about auth methods
-rw-r--r-- | docs/basics.rst | 37 |
1 files changed, 34 insertions, 3 deletions
diff --git a/docs/basics.rst b/docs/basics.rst index 8603cff3..3086af3b 100644 --- a/docs/basics.rst +++ b/docs/basics.rst @@ -752,9 +752,10 @@ encoded. Authentication ############## -CherryPy provides support for two very simple authentication mechanisms, -both described in :rfc:`2617`: Basic and Digest. They are most commonly -known to trigger a browser's popup asking users their name +CherryPy provides support for two very simple HTTP-based +authentication mechanisms, described in :rfc:`7616` and :rfc:`7617` +(which obsoletes :rfc:`2617`): Basic and Digest. They are most +commonly known to trigger a browser's popup asking users their name and password. Basic @@ -823,6 +824,36 @@ basic one explained above. cherrypy.quickstart(myapp, '/', conf) +SO_PEERCRED +^^^^^^^^^^^ + +There's also a low-level authentication for UNIX file and abstract +sockets. This is how you enable it: + +.. code-block:: ini + + [global] + server.peercreds: True + server.peercreds_resolve: True + server.socket_file: /var/run/cherrypy.sock + +``server.peercreds`` enables looking up the connected process ID, +user ID and group ID. They'll be accessible as WSGI environment +variables:: + + * ``X_REMOTE_PID`` + + * ``X_REMOTE_UID`` + + * ``X_REMOTE_GID`` + +``server.peercreds_resolve`` resolves that into user name and group +name. They'll be accessible as WSGI environment variables:: + + * ``X_REMOTE_USER`` and ``REMOTE_USER`` + + * ``X_REMOTE_GROUP`` + Favicon ####### |