Django oauth toolkit not work with apache

Question

I use django restframework & django-oauth-toolkit
I test my code on localhost ,the api works well

This is the response header:

Allow → GET, POST, HEAD, OPTIONS
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:41:50 GMT
Server → WSGIServer/0.1 Python/2.7.10
Vary → Accept, Authorization, Cookie
X-Frame-Options → SAMEORIGIN

But I put the project on virtual machine with apache
The oauth not work. I use the right token ,but got 401 UNAUTHORIZED

{
  "detail": "Authentication credentials were not provided."
}

This is the response header:

Allow → GET, POST, HEAD, OPTIONS
Connection → Keep-Alive
Content-Length → 58
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:40:37 GMT
Keep-Alive → timeout=5, max=100
Server → Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
Vary → Accept,Authorization
WWW-Authenticate → Bearer realm="api"
X-Frame-Options → SAMEORIGIN

Why would this happen??? Please guide me

settings.py

OAUTH2_PROVIDER = {
    'SCOPES': {'read': 'Read scope', 'write': 'Write scope', 'groups': 'Access to your groups'},
}


AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'oauth2_provider.backends.OAuth2Backend',
)


REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'oauth2_provider.ext.rest_framework.OAuth2Authentication',
    )
}

Answer 1

If you are using mod_wsgi, you probably need to add somewhere:

WSGIPassAuthorization On

In AWS elasticbeanstalk a dirty way of patching apache's config is adding this command to your .ebextensions/your-environemnt.conf:

commands:
  00_WSGIPassAuthorization:
    command: sed -i.bak '/WSGIScriptAlias/ aWSGIPassAuthorization On' config.py
    cwd: /opt/elasticbeanstalk/hooks

dirty because it adds one line every time you reload the server.

related Authorization Credentials Stripped --- django, elastic beanstalk, oauth