1

我正在用 django/tastpie 构建一个 RESTful api。在我的开发(本地)环境中运行时,一切正常,并且验证正确。

Marks-MacBook-Pro:~ mshust$ curl http://127.0.0.1:8000/api/v1/speedscreen/ -H 'Authorization: Basic bXNodXN0MToyMjY3' -v
* About to connect() to 127.0.0.1 port 8000 (#0)
        *   Trying 127.0.0.1...
        * connected
        * Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
                > GET /api/v1/speedscreen/ HTTP/1.1
                > User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
                > Host: 127.0.0.1:8000
                > Accept: */*
                > Authorization: Basic bXNodXN0MToyMjY3
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Date: Thu, 09 Aug 2012 01:36:05 GMT
< Server: WSGIServer/0.1 Python/2.7.2
< Content-Type: application/json; charset=utf-8
<
* Closing connection #0
{"meta": {"limit": 20, "next": null, "offset": 0, "previous": null, "total_count": 0}, "objects": []}

但是,当我在生产服务器上运行它时(apache + wsgi over https),我不断收到 401 Unauthorized 响应(出于安全原因更改了域/IP)

Marks-MacBook-Pro:~ mshust$ curl https://www.domain.com/api/speedscreen/ -H 'Authorization: Basic bXNodXN0MToyMjY3' -v
* About to connect() to www.domain.com port 443 (#0)
*   Trying 231.23.102.140...
* connected
* Connected to www.domain.com (231.23.102.140) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
*    subject: O=www.domain.com; OU=Domain Control Validated; CN=www.domain.com
*    start date: 2012-07-18 13:30:31 GMT
*    expire date: 2014-07-18 13:30:31 GMT
*    subjectAltName: www.domain.com matched
*    issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287
*    SSL certificate verify ok.
> GET /api/speedscreen/ HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: www.domain.com
> Accept: */*
> Authorization: Basic bXNodXN0MToyMjY3
> 
< HTTP/1.1 401 UNAUTHORIZED
< Date: Thu, 09 Aug 2012 01:36:00 GMT
< Server: Apache/2.2.22 (Ubuntu)
< Vary: Accept-Encoding
< Content-Length: 0
< Content-Type: text/html; charset=utf-8
< 
* Connection #0 to host www.domain.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

有人知道这里会发生什么吗?我完全被难住了。

谢谢,马克

4

1 回答 1

9

通常,对于 cURL,基本身份验证是这样完成的:

curl -u "user:password"

也许在你的情况下:

curl -u "bXNodXN0MToyMjY3"

如果将其更改为该格式不起作用,则可能您在.htaccess文件或 apache 配置中设置了基本身份验证,它在进入您的 WSGI 应用程序之前获取了身份验证。

此外,对于 apache 和 mod_wsgi,您需要根据这篇文章WSGIPassAuthorization On添加设置。

于 2012-08-09T02:52:22.007 回答