You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by yp...@club-internet.fr on 2006/03/10 18:31:47 UTC
Re: Modperl2 + PerlAccessHandler + Sending Cookie
I'm generating the cookie with CGI::Cookie().
I think the problem is elsewhere
>From a PerlResponseHandler, the method I described works,
but I got the problem within a PerlAccessHandler.
Should I delegate the cookie generation to the PerlResponseHandler ?
Younes
---Message d'origine----
>Date: Fri, 10 Mar 2006 09:04:58 -0800 (PST)
>Sujet: Re: Re: Modperl2 question
>De: "Fred Moyer" <fr...@taperfriendlymusic.org>
>A: yperl@club-internet.fr
>Copie à: modperl@perl.apache.org
>There's a few recipes here:
>http://perl.apache.org/docs/2.0/user/coding/cooking.html#Sending_Cookies_Using_libapreq2
>How are you generating $cookie. You'll likely want to add the cookie in
>any case, to update certain values or timestamps, I can't think of a case
>where I haven't done so. You may want to look at Apache2::AuthCookie
>which is a fully functional module to do exactly this
----Message d'origine----
>De: yperl@club-internet.fr
>A: yperl@club-internet.fr
>Sujet: Modperl2 + PerlAccessHandler + Sending Cookie
>Date: Fri, 10 Mar 2006 18:06:23 +0100
>
>Hi All!
>
>I'm wondering if there is a correct way to send a cookie in a PerlAccessHandler.
>
>I've tried something like:
>$r->headers_out->add('Set-Cookie' => $cookie);
>and even:
>$r->err_headers_out->add('Set-Cookie' => $cookie);
>
>whithout success
>
>I would like to send the cookie if it doesn't exists and
>leave in the request if it already exists.
>
>Any idea?
>
>Thanks
>Younes
>
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by Fred Moyer <fr...@redhotpenguin.com>.
On Mon, 13 Mar 2006, Foo Ji-Haw wrote:
> Hello Fred,
>
> Ok, the 12 layers of Apache is as cool as the OSI layers. Let's say that in
> my PerlAuthzHandler I verified the user via a cookie (given to the client
You will want to use a PerlAuthenHandler to authenticate the user.
> during login). It sounds like double work to retrieve the user details again
> during the PerlResponseHandler phase (I have to do that to process the page
Cache the user details in $r->pnotes in your PerlAuthenHandler so that you
do not have to retrieve the user details again.
> based on the user). Following the mailing list thread, is the only/ preferred
> way to use the bucket brigade?
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by Foo Ji-Haw <jh...@extracktor.com>.
Hello Fred,
Ok, the 12 layers of Apache is as cool as the OSI layers. Let's say that
in my PerlAuthzHandler I verified the user via a cookie (given to the
client during login). It sounds like double work to retrieve the user
details again during the PerlResponseHandler phase (I have to do that to
process the page based on the user). Following the mailing list thread,
is the only/ preferred way to use the bucket brigade?
Fred Moyer wrote:
> On Mon, 13 Mar 2006, Foo Ji-Haw wrote:
>> Wow, a little tangent to the topic here: I didn't know that you can
>> do this
>> PerlResponseHandler Apache2::Const::OK
>> Is that 'legal'? It's interesting to know, but I wouldn't know of a
>> practical use for this trick.
>
> Specifying a return code for a handler phase is perfectly legal. I
> first saw this technique used in 'PerlMapToStorageHandler
> Apache2::Const::OK' to skip the request phase which maps the uri to a
> location on disk, but you can use it with any phase.
>
>> Last question: is it a best practice to do the user and access
>> authentication check at the PerlAccessHandler level? I like the idea
>> (obviously I've not been trying this way). A single authentication
>> module that can be used across various PerlResponseHandler. Easy to
>> maintain and propogate.
>
> The PerlAccessHandler phase runs in the same phase of the request
> cycle as Apache's mod_access module, and is meant to handle the
> request based on IP and domain information. In httpd.conf, you can
> say 'Order Allow, Deny',
> 'Deny from 123.456.789.012', or you can use the PerlAccessHandler
> phase and
> examine the request IP and accomplish the same functionality ( see
> http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAccessHandler).
> It is best practice to do access checks.
>
> Best practice for user authentication is to use PerlAuthenHandler, and
> best practice for user authorization is the PerlAuthzHandler. This
> way, you can modify the request, and return DECLINED, and Apaches
> authen and authz modules can do additional checks on those phases of
> the request. Or you can do authen/authz only in the mod_perl phases
> and return OK or UNAUTHORIZED and skip Apache's auth/authz modules.
>
> Each phase in this diagram -
> http://perl.apache.org/docs/2.0/user/handlers/http.html#HTTP_Request_Cycle_Phases
>
> - has a corresponding hook in Apache which runs after mod_perl if
> DECLINED is returned. This is one of mod_perl's greatest strengths.
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by Fred Moyer <fr...@redhotpenguin.com>.
On Mon, 13 Mar 2006, Foo Ji-Haw wrote:
> Wow, a little tangent to the topic here: I didn't know that you can do this
> PerlResponseHandler Apache2::Const::OK
> Is that 'legal'? It's interesting to know, but I wouldn't know of a practical
> use for this trick.
Specifying a return code for a handler phase is perfectly legal. I first
saw this technique used in 'PerlMapToStorageHandler Apache2::Const::OK' to
skip the request phase which maps the uri to a location on disk, but you
can use it with any phase.
> Last question: is it a best practice to do the user and access authentication
> check at the PerlAccessHandler level? I like the idea (obviously I've not
> been trying this way). A single authentication module that can be used across
> various PerlResponseHandler. Easy to maintain and propogate.
The PerlAccessHandler phase runs in the same phase of the request cycle as
Apache's mod_access module, and is meant to handle the request based on IP
and domain information. In httpd.conf, you can say 'Order Allow, Deny',
'Deny from 123.456.789.012', or you can use the PerlAccessHandler phase and
examine the request IP and accomplish the same functionality ( see
http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAccessHandler).
It is best practice to do access checks.
Best practice for user authentication is to use PerlAuthenHandler, and
best practice for user authorization is the PerlAuthzHandler. This way,
you can modify the request, and return DECLINED, and Apaches authen and
authz modules can do additional checks on those phases of the request. Or
you can do authen/authz only in the mod_perl phases and return OK or
UNAUTHORIZED and skip Apache's auth/authz modules.
Each phase in this diagram -
http://perl.apache.org/docs/2.0/user/handlers/http.html#HTTP_Request_Cycle_Phases
- has a corresponding hook in Apache which runs after mod_perl if DECLINED
is returned. This is one of mod_perl's greatest strengths.
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by Foo Ji-Haw <jh...@extracktor.com>.
Wow, a little tangent to the topic here: I didn't know that you can do this
PerlResponseHandler Apache2::Const::OK
Is that 'legal'? It's interesting to know, but I wouldn't know of a
practical use for this trick.
Another question: why do you use CGI::Cookie in place of Apache2::Cookie?
Last question: is it a best practice to do the user and access
authentication check at the PerlAccessHandler level? I like the idea
(obviously I've not been trying this way). A single authentication
module that can be used across various PerlResponseHandler. Easy to
maintain and propogate.
Fred Moyer wrote:
> yperl wrote:
>> unfortunately no. I've already tried this.
>
> Sometimes bad cookies leave no crumbs and are especially hard to track
> down. I'm guessing this has to do with the specifics of your cookie
> values - can you show us the exact code you used to create it?
>
> I was able to successfully bake a cookie from a PerlAccessHandler with
> the following code:
>
> package Cookie::Monster;
>
> use strict;
> use warnings;
>
> use Apache2::Const -compile => qw( OK );
> use CGI::Cookie;
>
> sub handler {
> my $r = shift;
> my $cookie = new CGI::Cookie( -name => 'ID', -value => 123456 );
> $r->headers_out->add('Set-Cookie' => $cookie );
> return Apache2::Const::OK;
> }
>
> 1;
>
> httpd.conf
>
> <Location /test>
> SetHandler modperl
> PerlAccessHandler Cookie::Monster
> PerlResponseHandler Apache2::Const::OK
> </Location>
>
> Headers output:
>
> GET /test/ HTTP/1.1
> Host: localhost:7777
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12)
> Gecko/20051201 Firefox/1.0.7
> Accept:
> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
>
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Cookie: ID=123456
> Cache-Control: max-age=0
>
>>
>> Frank Wiles a écrit :
>>> On Sat, 11 Mar 2006 02:42:20 +0100
>>> yperl <yp...@club-internet.fr> wrote:
>>>
>>>
>>>> I've tried everything I found (in mailing lists, suggestions, web doc)
>>>> to send cookie from a PerlAccessHandler, but without success.
>>>>
>>>> Before giving up, I would like to have an answer from the mod_perl2
>>>> authors if it is possible.
>>>>
>>>> [snip]
>>>>
>>>> if ( grantAccess() ) {
>>>>
>>>> $r->headers_out->{'Set-Cookie'} = $cookie;
>>>> return Apache2::Const::OK;
>>>> }
>>>>
>>>
>>> Shouldn't that be:
>>> $r->headers_out->add('Set-Cookie' => $cookie );
>>> ---------------------------------
>>> Frank Wiles <fr...@wiles.org>
>>> http://www.wiles.org
>>> ---------------------------------
>>>
>>>
>>
>
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by yperl <yp...@club-internet.fr>.
Hi Geoffrey !
Nothing's wrong.
I think that happens because I'm using a bleding edge Apache 2.2.0,
mod_perl from svn, Perl 5.8.8 ...
I preferer put double checks in my getCookie() to deal with both situations.
I know that Cookie is a request header, but this is the uniq solution I
found after
2 days of investigations. If you've more elegant solution, I'll try it
imediatly.
Hope this strange behaviour appears only on my box 8-)
/cheers
Younes
Geoffrey Young a écrit :
> yperl wrote:
>
>> Finally I come with a working solution.
>>
>> sub getCookie {
>>
>> my ( $r ) = @_;
>>
>> # check for both 'Cookie' and 'Set-Cookie' HTTP headers
>> return $r->headers_in->{'Cookie'} || $r->headers_in->{'Set-Cookie'};
>> }
>>
>
> but that's just wrong :)
>
> Set-Cookie is a response header, so it will be set in $r->headers_out when
> the server decides to send a cookie to the client. Cookie is a request
> header, so you glean it from $r->headers_in if the client has one to give
> you. you'll never see Set-Cookie in $r->headers_in unless someone has made
> a grave mistake.
>
> you can see the gory details in the rfc
>
> http://www.ietf.org/rfc/rfc2109.txt
>
> HTH
>
> --Geoff
>
>
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by Geoffrey Young <ge...@modperlcookbook.org>.
yperl wrote:
> Finally I come with a working solution.
>
> sub getCookie {
>
> my ( $r ) = @_;
>
> # check for both 'Cookie' and 'Set-Cookie' HTTP headers
> return $r->headers_in->{'Cookie'} || $r->headers_in->{'Set-Cookie'};
> }
but that's just wrong :)
Set-Cookie is a response header, so it will be set in $r->headers_out when
the server decides to send a cookie to the client. Cookie is a request
header, so you glean it from $r->headers_in if the client has one to give
you. you'll never see Set-Cookie in $r->headers_in unless someone has made
a grave mistake.
you can see the gory details in the rfc
http://www.ietf.org/rfc/rfc2109.txt
HTH
--Geoff
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by yperl <yp...@club-internet.fr>.
Finally I come with a working solution.
sub getCookie {
my ( $r ) = @_;
# check for both 'Cookie' and 'Set-Cookie' HTTP headers
return $r->headers_in->{'Cookie'} || $r->headers_in->{'Set-Cookie'};
}
Hope this help new comers like me.
Thanks again guys
Thanks Fred
Younes
yperl a écrit :
> Your'e right Fred.
> The cookie is correctly sent.
>
> The problem is that Apache doesn't sent the correct cookie header.
> He sent 'Set-Cookie' instead of 'Cookie' (like in your case).
>
> Here is what I've got:
>
> # lwp-request -USe http://coro/gdlweb/resolver
> GET http://coro/gdlweb/resolver
> User-Agent: lwp-request/2.07
>
> GET http://coro/gdlweb/resolver --> 200 OK
> Connection: close
> Date: Sat, 11 Mar 2006 10:00:02 GMT
> Server: Apache/2.2.0 (Unix) GDLWeb-BnF/2.0 mod_ssl/2.2.0
> OpenSSL/0.9.7i DAV/2 mod_perl/2.0.2 Perl/v5.8.8
> Content-Length: 0
> Content-Type: text/plain
> Client-Date: Sat, 11 Mar 2006 10:00:02 GMT
> Client-Peer: 192.168.1.3:80
> Client-Response-Num: 1
> Set-Cookie: ID=123456; path=/
> X-Pad: avoid browser bug
>
> Younes
>
>
> Fred Moyer a écrit :
>> yperl wrote:
>>> unfortunately no. I've already tried this.
>>
>> Sometimes bad cookies leave no crumbs and are especially hard to
>> track down. I'm guessing this has to do with the specifics of your
>> cookie values - can you show us the exact code you used to create it?
>>
>> I was able to successfully bake a cookie from a PerlAccessHandler
>> with the following code:
>>
>> package Cookie::Monster;
>>
>> use strict;
>> use warnings;
>>
>> use Apache2::Const -compile => qw( OK );
>> use CGI::Cookie;
>>
>> sub handler {
>> my $r = shift;
>> my $cookie = new CGI::Cookie( -name => 'ID', -value => 123456 );
>> $r->headers_out->add('Set-Cookie' => $cookie );
>> return Apache2::Const::OK;
>> }
>>
>> 1;
>>
>> httpd.conf
>>
>> <Location /test>
>> SetHandler modperl
>> PerlAccessHandler Cookie::Monster
>> PerlResponseHandler Apache2::Const::OK
>> </Location>
>>
>> Headers output:
>>
>> GET /test/ HTTP/1.1
>> Host: localhost:7777
>> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12)
>> Gecko/20051201 Firefox/1.0.7
>> Accept:
>> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
>>
>> Accept-Language: en-us,en;q=0.5
>> Accept-Encoding: gzip,deflate
>> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
>> Keep-Alive: 300
>> Connection: keep-alive
>> Cookie: ID=123456
>> Cache-Control: max-age=0
>>
>>>
>>> Frank Wiles a écrit :
>>>> On Sat, 11 Mar 2006 02:42:20 +0100
>>>> yperl <yp...@club-internet.fr> wrote:
>>>>
>>>>
>>>>> I've tried everything I found (in mailing lists, suggestions, web
>>>>> doc)
>>>>> to send cookie from a PerlAccessHandler, but without success.
>>>>>
>>>>> Before giving up, I would like to have an answer from the
>>>>> mod_perl2 authors if it is possible.
>>>>>
>>>>> [snip]
>>>>>
>>>>> if ( grantAccess() ) {
>>>>>
>>>>> $r->headers_out->{'Set-Cookie'} = $cookie;
>>>>> return Apache2::Const::OK;
>>>>> }
>>>>>
>>>>
>>>> Shouldn't that be:
>>>> $r->headers_out->add('Set-Cookie' => $cookie );
>>>> ---------------------------------
>>>> Frank Wiles <fr...@wiles.org>
>>>> http://www.wiles.org
>>>> ---------------------------------
>>>>
>>>>
>>>
>>
>
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by yperl <yp...@club-internet.fr>.
Your'e right Fred.
The cookie is correctly sent.
The problem is that Apache doesn't sent the correct cookie header.
He sent 'Set-Cookie' instead of 'Cookie' (like in your case).
Here is what I've got:
# lwp-request -USe http://coro/gdlweb/resolver
GET http://coro/gdlweb/resolver
User-Agent: lwp-request/2.07
GET http://coro/gdlweb/resolver --> 200 OK
Connection: close
Date: Sat, 11 Mar 2006 10:00:02 GMT
Server: Apache/2.2.0 (Unix) GDLWeb-BnF/2.0 mod_ssl/2.2.0 OpenSSL/0.9.7i
DAV/2 mod_perl/2.0.2 Perl/v5.8.8
Content-Length: 0
Content-Type: text/plain
Client-Date: Sat, 11 Mar 2006 10:00:02 GMT
Client-Peer: 192.168.1.3:80
Client-Response-Num: 1
Set-Cookie: ID=123456; path=/
X-Pad: avoid browser bug
Younes
Fred Moyer a écrit :
> yperl wrote:
>> unfortunately no. I've already tried this.
>
> Sometimes bad cookies leave no crumbs and are especially hard to track
> down. I'm guessing this has to do with the specifics of your cookie
> values - can you show us the exact code you used to create it?
>
> I was able to successfully bake a cookie from a PerlAccessHandler with
> the following code:
>
> package Cookie::Monster;
>
> use strict;
> use warnings;
>
> use Apache2::Const -compile => qw( OK );
> use CGI::Cookie;
>
> sub handler {
> my $r = shift;
> my $cookie = new CGI::Cookie( -name => 'ID', -value => 123456 );
> $r->headers_out->add('Set-Cookie' => $cookie );
> return Apache2::Const::OK;
> }
>
> 1;
>
> httpd.conf
>
> <Location /test>
> SetHandler modperl
> PerlAccessHandler Cookie::Monster
> PerlResponseHandler Apache2::Const::OK
> </Location>
>
> Headers output:
>
> GET /test/ HTTP/1.1
> Host: localhost:7777
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12)
> Gecko/20051201 Firefox/1.0.7
> Accept:
> text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
>
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Cookie: ID=123456
> Cache-Control: max-age=0
>
>>
>> Frank Wiles a écrit :
>>> On Sat, 11 Mar 2006 02:42:20 +0100
>>> yperl <yp...@club-internet.fr> wrote:
>>>
>>>
>>>> I've tried everything I found (in mailing lists, suggestions, web doc)
>>>> to send cookie from a PerlAccessHandler, but without success.
>>>>
>>>> Before giving up, I would like to have an answer from the mod_perl2
>>>> authors if it is possible.
>>>>
>>>> [snip]
>>>>
>>>> if ( grantAccess() ) {
>>>>
>>>> $r->headers_out->{'Set-Cookie'} = $cookie;
>>>> return Apache2::Const::OK;
>>>> }
>>>>
>>>
>>> Shouldn't that be:
>>> $r->headers_out->add('Set-Cookie' => $cookie );
>>> ---------------------------------
>>> Frank Wiles <fr...@wiles.org>
>>> http://www.wiles.org
>>> ---------------------------------
>>>
>>>
>>
>
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by Fred Moyer <fr...@taperfriendlymusic.org>.
yperl wrote:
> unfortunately no. I've already tried this.
Sometimes bad cookies leave no crumbs and are especially hard to track
down. I'm guessing this has to do with the specifics of your cookie
values - can you show us the exact code you used to create it?
I was able to successfully bake a cookie from a PerlAccessHandler with
the following code:
package Cookie::Monster;
use strict;
use warnings;
use Apache2::Const -compile => qw( OK );
use CGI::Cookie;
sub handler {
my $r = shift;
my $cookie = new CGI::Cookie( -name => 'ID', -value => 123456 );
$r->headers_out->add('Set-Cookie' => $cookie );
return Apache2::Const::OK;
}
1;
httpd.conf
<Location /test>
SetHandler modperl
PerlAccessHandler Cookie::Monster
PerlResponseHandler Apache2::Const::OK
</Location>
Headers output:
GET /test/ HTTP/1.1
Host: localhost:7777
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12)
Gecko/20051201 Firefox/1.0.7
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: ID=123456
Cache-Control: max-age=0
>
> Frank Wiles a écrit :
>> On Sat, 11 Mar 2006 02:42:20 +0100
>> yperl <yp...@club-internet.fr> wrote:
>>
>>
>>> I've tried everything I found (in mailing lists, suggestions, web doc)
>>> to send cookie from a PerlAccessHandler, but without success.
>>>
>>> Before giving up, I would like to have an answer from the mod_perl2
>>> authors if it is possible.
>>>
>>> [snip]
>>>
>>> if ( grantAccess() ) {
>>>
>>> $r->headers_out->{'Set-Cookie'} = $cookie;
>>> return Apache2::Const::OK;
>>> }
>>>
>>
>> Shouldn't that be:
>> $r->headers_out->add('Set-Cookie' => $cookie );
>> ---------------------------------
>> Frank Wiles <fr...@wiles.org>
>> http://www.wiles.org
>> ---------------------------------
>>
>>
>
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by yperl <yp...@club-internet.fr>.
unfortunately no. I've already tried this.
Frank Wiles a écrit :
> On Sat, 11 Mar 2006 02:42:20 +0100
> yperl <yp...@club-internet.fr> wrote:
>
>
>> I've tried everything I found (in mailing lists, suggestions, web doc)
>> to send cookie from a PerlAccessHandler, but without success.
>>
>> Before giving up, I would like to have an answer from the mod_perl2
>> authors if it is possible.
>>
>> [snip]
>>
>> if ( grantAccess() ) {
>>
>> $r->headers_out->{'Set-Cookie'} = $cookie;
>> return Apache2::Const::OK;
>> }
>>
>
> Shouldn't that be:
>
> $r->headers_out->add('Set-Cookie' => $cookie );
>
> ---------------------------------
> Frank Wiles <fr...@wiles.org>
> http://www.wiles.org
> ---------------------------------
>
>
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by Frank Wiles <fr...@wiles.org>.
On Sat, 11 Mar 2006 02:42:20 +0100
yperl <yp...@club-internet.fr> wrote:
> I've tried everything I found (in mailing lists, suggestions, web doc)
> to send cookie from a PerlAccessHandler, but without success.
>
> Before giving up, I would like to have an answer from the mod_perl2
> authors if it is possible.
>
> [snip]
>
> if ( grantAccess() ) {
>
> $r->headers_out->{'Set-Cookie'} = $cookie;
> return Apache2::Const::OK;
> }
Shouldn't that be:
$r->headers_out->add('Set-Cookie' => $cookie );
---------------------------------
Frank Wiles <fr...@wiles.org>
http://www.wiles.org
---------------------------------
Re: Modperl2 + PerlAccessHandler + Sending Cookie
Posted by yperl <yp...@club-internet.fr>.
Hi there!
I've tried everything I found (in mailing lists, suggestions, web doc)
to send cookie from a PerlAccessHandler, but without success.
Before giving up, I would like to have an answer from the mod_perl2
authors if it is possible.
Here is my http.conf dealing with that:
------------------------------------------ Mod_perl2 Apache Conf Begin
-------------------------------------
<Location /gdlweb/resolver>
SetHandler modperl
PerlAccessHandler Login <--- handler I'm interested in
PerlResponseHandler Dispatcher
PerlOptions +GlobalRequest
</Location>
------------------------------------------ Mod_perl2 Apache Conf End
-------------------------------------
My Login.pm :
------------------------------------------ Handler Code Begin
-------------------------------------
sub handler {
my ( $r ) = @_;
# some code to create a correct cookie with CGI::Cookie
my $cookie = ....;
if ( grantAccess() ) {
$r->headers_out->{'Set-Cookie'} = $cookie;
return Apache2::Const::OK;
}
return Apache2::Const::FORBIDDEN;
}
------------------------------------------ Handler Code End
-------------------------------------
Any suggestion are very welcome at this point.
Thanks in advance guys (especially Fred).
Younes
yperl@club-internet.fr a écrit :
> I'm generating the cookie with CGI::Cookie().
>
> I think the problem is elsewhere
>
> >From a PerlResponseHandler, the method I described works,
> but I got the problem within a PerlAccessHandler.
>
> Should I delegate the cookie generation to the PerlResponseHandler ?
>
> Younes
>
>
> ---Message d'origine----
>
>> Date: Fri, 10 Mar 2006 09:04:58 -0800 (PST)
>> Sujet: Re: Re: Modperl2 question
>> De: "Fred Moyer" <fr...@taperfriendlymusic.org>
>> A: yperl@club-internet.fr
>> Copie à: modperl@perl.apache.org
>>
>
>
>> There's a few recipes here:
>> http://perl.apache.org/docs/2.0/user/coding/cooking.html#Sending_Cookies_Using_libapreq2
>>
>
>
>> How are you generating $cookie. You'll likely want to add the cookie in
>> any case, to update certain values or timestamps, I can't think of a case
>> where I haven't done so. You may want to look at Apache2::AuthCookie
>> which is a fully functional module to do exactly this
>>
>
>
> ----Message d'origine----
>
>> De: yperl@club-internet.fr
>> A: yperl@club-internet.fr
>> Sujet: Modperl2 + PerlAccessHandler + Sending Cookie
>> Date: Fri, 10 Mar 2006 18:06:23 +0100
>>
>> Hi All!
>>
>> I'm wondering if there is a correct way to send a cookie in a PerlAccessHandler.
>>
>> I've tried something like:
>> $r->headers_out->add('Set-Cookie' => $cookie);
>> and even:
>> $r->err_headers_out->add('Set-Cookie' => $cookie);
>>
>> whithout success
>>
>> I would like to send the cookie if it doesn't exists and
>> leave in the request if it already exists.
>>
>> Any idea?
>>
>> Thanks
>> Younes
>>
>>
>
>