Authorization header missing in django rest_framework, is apache to blame?

by

If you are using Apache and mod_wsgi, then I found the easy solution to this in the official Django REST framework website

Apache mod_wsgi specific configuration

Note that if deploying to Apache using mod_wsgi, the authorization header is not passed through to a WSGI application by default, as it is assumed that authentication will be handled by Apache, rather than at an application level.

If you are deploying to Apache, and using any non-session based authentication, you will need to explicitly configure mod_wsgi to pass the required headers through to the application. This can be done by specifying the WSGIPassAuthorization directive in the appropriate context and setting it to ‘On’.

# this can go in either server config, virtual host, directory or .htaccess 
WSGIPassAuthorization On

More Related Contents:

  1. How can I implement rate limiting with Apache? (requests per second)
  2. Apache 2.4 + PHP-FPM and Authorization headers
  3. Apache2 ProxyPass for Rails App Gitlab
  4. Need to allow encoded slashes on Apache
  5. apache to tomcat: mod_jk vs mod_proxy
  6. Apache won’t follow symlinks (403 Forbidden)
  7. Can’t remove Server: Apache header
  8. How do I configure Apache2 to allow multiple simultaneous connections from same IP address?
  9. How to disable mod_deflate in apache2?
  10. Apache + Node.js + mod_proxy. How to route one domain to :3000 and another to :80
  11. .htaccess: how to restrict access to a single file by IP?
  12. Apache + Tomcat: Using mod_proxy instead of AJP
  13. URL rewriting for different protocols in .htaccess
  14. tunneling secure websocket connections with apache
  15. .htaccess: Invalid command ‘RewriteEngine’, perhaps misspelled or defined by a module not included in the server configuration
  16. Apache 301 Redirect and preserving post data
  17. What is apache’s maximum url length?
  18. Removing the .php extension with mod_rewrite
  19. @font-face fonts only work on their own domain
  20. Case Insensitive URLs with mod_rewrite
  21. www-data permissions?
  22. WAMP 403 Forbidden message on Windows 7
  23. How to restrict access by IP address with Tomcat?
  24. What is .htaccess file?
  25. rewrite rules for apache 2 to use with angular js
  26. XAMPP apache server is not starting after Skype installation
  27. Apache default VirtualHost
  28. How can I pre-compress files with mod_deflate in Apache 2.x?
  29. How to stop Chrome from redirecting to HTTPS?
  30. Difference between $1 vs %1 in .htaccess

Leave a Comment