Piston + HTTP Authentication + mod_FastCGI

I’ve spent much more time than necessary on this issue, so if it can help someone, I’m posting a working config for Django Piston + Apache’s mod_fastcgi + HTTP Basic Authentication.

Works with :

  • Apache 2.0.63
  • Django 1.2.3
  • Piston 0.2.2

I’ve updated the default config file found on the official Django website:

FastCGIExternalServer /project/dir/mysite.fcgi -socket /project/dir/mysite.sock -pass-header Authorization

<VirtualHost 123.456.78.9>
ServerName servername.com
DocumentRoot /project/dir
Alias /media /project/dir/media
RewriteEngine On
RewriteRule ^/(media.*)$ /$1 [QSA,L,PT]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ /mysite.fcgi/$1 [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]

tl;dr: -pass-header Authorization and [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]