Authorization Header with mod_wsgi

Trying to use the Authorization header with a WSGI application (e.g. using token authentication with Django REST Framework) with Apache and mod_wsgi? It doesn’t work or it falsely uses the sessionid Cookie instead? Either make sure your TokenAuthorization is tried before the SessionAuthentication or ensure that Apache is configured to pass the Authorization header to your Python app:

WSGIPassAuthorization On

This also explained way better in the DRF docs which sadly I found out about a little too late:
http://www.django-rest-framework.org/api-guide/authentication/#apache-mod_wsgi-specific-configuration

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s