You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Andrew Green <an...@article7.co.uk> on 2011/03/23 14:24:11 UTC
Using add_config to trigger authentication
Hi all,
I'm putting together a mp2 application where I'd like to trigger authentication from within a PerlTransHandler, and not from httpd.conf.
As I understand it, the following should work:
-----
use Apache2::RequestUtil ();
$r->add_config(['require valid-user']);
$r->push_handlers(PerlAuthenHandler => 'My::App::Authen');
$r->push_handlers(PerlAuthzHandler => 'My::App::Authz');
-----
But the authen handler doesn't get called. If I add the require line to httpd conf, it does.
I've tried including AuthName and AuthType in the call to add_config, moving this to a PerlPostReadRequestHandler, setting PerlOptions +GlobalRequest and other tricks, to no avail.
$r->get_handlers('PerlAuthenHandler') confirms that the handler is set, and $r->requires (using Apache2::Access) indicates that the valid-user requirement has actually been set.
I'm running mod_perl 2.0.4, perl 5.12.3 and Apache 2.2.17 on Fedora 14.
What am I missing? Is there something else that could prevent this from working, when it works just fine if I set requires in httpd.conf?
Any pointers would be very much appreciated!
Thanks,
Andrew.
Re: Using add_config to trigger authentication
Posted by Andrew Green <an...@article7.co.uk>.
Hi all,
On 23 Mar 2011, at 20:38, I wrote:
> Actually, even the following causes a segfault:
>
> $r->push_handlers(PerlMapToStorageHandler => Apache2::Const::DECLINED);
Nope, I'm wrong -- that segfaults if I call it from a PerlPostReadRequestHandler, but not from a PerlTransHandler. I'd moved things around in my experiments earlier!
Thanks so much again for the help and advice.
Cheers,
Andrew.
--
Andrew Green
Article Seven Limited
http://www.article7.co.uk/
Article Seven Limited is a registered company in England and Wales. Registered number: 5703656. Registered office: 73 Lassell Street, Greenwich, London, SE10 9PJ.
Re: Using add_config to trigger authentication
Posted by Andrew Green <an...@article7.co.uk>.
Hi Torsten,
On 23 Mar 2011, at 15:02, Torsten Förtsch wrote:
>> Interestingly, adding a PerlMapToStorageHandler caused a segfault
>
> Does your code by chance return Apache2::Const::OK? If so, try to change it to
> DECLINED.
Actually, even the following causes a segfault:
$r->push_handlers(PerlMapToStorageHandler => Apache2::Const::DECLINED);
> The problem with the PerlHeaderParserHandler is that it is skipped for
> subrequests. That might in your case affect security.
Thanks -- that's very useful to know.
Cheers,
Andrew.
--
Andrew Green
Article Seven Limited
http://www.article7.co.uk/
Article Seven Limited is a registered company in England and Wales. Registered number: 5703656. Registered office: 73 Lassell Street, Greenwich, London, SE10 9PJ.
Re: Using add_config to trigger authentication
Posted by Torsten Förtsch <to...@gmx.net>.
On Wednesday, March 23, 2011 15:26:48 Andrew Green wrote:
> Interestingly, adding a PerlMapToStorageHandler caused a segfault
Does your code by chance return Apache2::Const::OK? If so, try to change it to
DECLINED. A PerlMapToStorageHandler returning OK prevents the core map2storage
handler to be run. Thus, $r->filename, $r->finfo and $r->pathinfo may be
unset. This may cause the segfault.
The problem with the PerlHeaderParserHandler is that it is skipped for
subrequests. That might in your case affect security.
Torsten Förtsch
--
Need professional modperl support? Hire me! (http://foertsch.name)
Like fantasy? http://kabatinte.net
Re: Using add_config to trigger authentication
Posted by Andrew Green <an...@article7.co.uk>.
Hi,
On 23 Mar 2011, at 13:42, Torsten Förtsch wrote:
>> I'm putting together a mp2 application where I'd like to trigger
>> authentication from within a PerlTransHandler, and not from httpd.conf.
>
> This won't work in a PerlTransHandler because between trans and maptostorage
> the request configuration made so far is thrown away and reset to the default
> server config. Move those lines to a PerlMapToStorage handler and it should
> work assuming that there are no other directives overriding them in .htaccess
> files or similar.
Thanks so much, Torsten -- you're a star!
Interestingly, adding a PerlMapToStorageHandler caused a segfault, but using a PerlHeaderParserHandler instead (with identical code) worked like a dream.
Cheers,
Andrew.
--
Andrew Green
Article Seven Limited
http://www.article7.co.uk/
Article Seven Limited is a registered company in England and Wales. Registered number: 5703656. Registered office: 73 Lassell Street, Greenwich, London, SE10 9PJ.
Re: Using add_config to trigger authentication
Posted by Torsten Förtsch <to...@gmx.net>.
On Wednesday, March 23, 2011 14:24:11 Andrew Green wrote:
> I'm putting together a mp2 application where I'd like to trigger
> authentication from within a PerlTransHandler, and not from httpd.conf.
>
> As I understand it, the following should work:
>
> -----
>
> use Apache2::RequestUtil ();
>
> $r->add_config(['require valid-user']);
>
> $r->push_handlers(PerlAuthenHandler => 'My::App::Authen');
> $r->push_handlers(PerlAuthzHandler => 'My::App::Authz');
This won't work in a PerlTransHandler because between trans and maptostorage
the request configuration made so far is thrown away and reset to the default
server config. Move those lines to a PerlMapToStorage handler and it should
work assuming that there are no other directives overriding them in .htaccess
files or similar.
Torsten Förtsch
--
Need professional modperl support? Hire me! (http://foertsch.name)
Like fantasy? http://kabatinte.net