You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Rodney Hampton <ha...@comcast.net> on 2002/10/16 19:21:20 UTC
$r->requires
Does anyone have an example of how to use $r->requires?
I cannot find Apache::AuthzAge for an example of its use.
I'm trying to handle all my location directive specific stuff in a
TransHandler and simply want to
set require valid-user for some specific paths.
Thanks,
Rodney Hampton
Re: $r->requires
Posted by Geoffrey Young <ge...@modperlcookbook.org>.
[snip]
> Despite not having a location tag anywhere, nor a require valid-user
> directive, the above code
> is able to accomplish my objective: loading an AccessHandler on the fly
> from the TransHandler for specific urls on my site.
> Although, I must
> admit that I'm not sure why it is working. _check_access is within the
> same TransHandler module
> so my assumption is that the reference to this sub gets executed
> immediately and the result (OK DONE or DECLINED) gets shoved into the
> set_handlers('PerlAccessHandler' => 'result gets shoved here') and then
> my stacked TransHandler proceeds to the next module
> (Apache::Control_admin).
>
> Any explanation of why this actually works would be appreciated.
the PerlAccessHandler runs whether or not there is a Requires
directive configured - its the PerlAuthenHandler and PerlAuthzHandler
that will not. I had assumed that since you wanted $r->requires that
you were talking about a PerlAuth*Handlers, which is the proper place
to check for username/password match and/or other user criteria.
HTH
--Geoff
Re: $r->requires
Posted by Rodney Hampton <ha...@comcast.net>.
Geoffrey Young wrote:
>
> $r->requires() is read-only. conditional authentication is a bit
> counterintuitive - you can't set up authentication where it doesn't
> already exist because Apache won't run the authentication phase
> without a Require directive in your httpd.conf. the solution is to
> turn on authentication for everything, then turn it off where you
> don't need/want it. see recipe 13.5 in the cookbook for more details.
> the code for 13.5 can be found here:
>
Geoffrey,
Thanks for the tip. Allow me to flesh out this example a bit and the
solution I employed (thanks to Kip Cranford for having some helpful code
I was able to look at). Basically I'm creating a site where /admin and
/advertiser should have login forms for administrative users and
advertisers respectively while everything under / should not require any
type of access control.
Within the PerlTransHandler:
my $action = $r->uri;
#must strip of the leading slash
$action =~ s/^\///;
my ( $type, @directions ) = (split /\//, $action);
if ($type eq 'admin'){
my ( $ret, $error_data ) = check_handlers( ['Apache::Control_admin'] );
if ($ret) {
$r->set_handlers( 'PerlAccessHandler' => [\&_check_access] );
$r->push_handlers( 'PerlTransHandler' => 'Apache::Control_admin' );
$r->filename( $r->server_root_relative . "htdocs" );
return DECLINED;
} else {
$r->pnotes( 'ap_error_data_h', $error_data );
my $redir = "http://" . $r->pnotes('ap_server_name_s') . "/error";
$log->debug("Doing internal redirect to /error");
$r->internal_redirect($redir);
$r->filename( $r->server_root_relative . "" );
return DONE;
} ## end else
#end type eq ceoadmin
}elsif ($type eq 'advertiser' ){
....blah blah blah
Despite not having a location tag anywhere, nor a require valid-user
directive, the above code
is able to accomplish my objective: loading an AccessHandler on the fly
from the TransHandler for specific urls on my site. Although, I must
admit that I'm not sure why it is working. _check_access is within the
same TransHandler module
so my assumption is that the reference to this sub gets executed
immediately and the result (OK DONE or DECLINED) gets shoved into the
set_handlers('PerlAccessHandler' => 'result gets shoved here') and then
my stacked TransHandler proceeds to the next module
(Apache::Control_admin).
Any explanation of why this actually works would be appreciated.
Rodney Hampton
Re: $r->requires
Posted by Geoffrey Young <ge...@modperlcookbook.org>.
Rodney Hampton wrote:
> Does anyone have an example of how to use $r->requires?
see recipe 13.6 in the cookbook, the code for which can be found here:
http://www.modperlcookbook.org/code/ch13/Cookbook/AuthzRole.pm
> I cannot find Apache::AuthzAge for an example of its use.
> I'm trying to handle all my location directive specific stuff in a
> TransHandler and simply want to
> set require valid-user for some specific paths.
$r->requires() is read-only. conditional authentication is a bit
counterintuitive - you can't set up authentication where it doesn't
already exist because Apache won't run the authentication phase
without a Require directive in your httpd.conf. the solution is to
turn on authentication for everything, then turn it off where you
don't need/want it. see recipe 13.5 in the cookbook for more details.
the code for 13.5 can be found here:
http://www.modperlcookbook.org/code/ch13/Cookbook/PassLocalIP.pm
see also the Satisfy directive
http://httpd.apache.org/docs/mod/core.html#satisfy
if you're only looking to do conditional authentication based on IP
addresses/hostnames.
HTH
--Geoff