repoze.who ¶

repoze.who is an pluggable "identification and authentication framework for arbitrary WSGI applications." It operates as WSGI middleware.

As middleware, repoze.who touches each request and response to/from the application. In ingress, it "conditionally places identification and authentication information (including a REMOTE_USER value) into the WSGI environment." In egress, the middleware examines the WSGI environment and HTTP headers and conditionally challenges for credentials.