mod_wsgi and the HTTP Authorization header

A friendly reminder for myself to RTFD!

If one is building a WSGI application on mod_wsgi and one wants this WSGI application to handle HTTP authentication, it is likely that one will need access to the "Authorization" HTTP header at some point. Had one read the documentation, one would have already understood that mod_wsgi does not pass this header to your WSGI application by default. This is probably a very good thing.

To tell mod_wsgi to pass the Authorization header through to your application, just set the ...

Read more