You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Mike Diehn <mi...@diehn.net> on 2009/07/06 19:14:36 UTC
Can a PerlAuthzHandler access ENV variables set by mod_auth_kerb?
Hello, all.
I'm authenticating users with mod_auth_krb and setting KrbSaveCredentials
to on. I've found that the credentials are stored in a file in /tmp. The
name of the file is passed to CGI programs as the contents of an ENV var
named KRB5CCNAME.
I'm handling the authorization phase with a mod_perl2 PerlAuthzHandler
script. I want to use the credentials that mod_auth_kerb just verified.
By this phase, the name of the credential cache file has been stored
somewhere by mod_auth_kerb.
The question is this:
How can I get that filename?
How can I read the ENV that will ultimately go to CGI scripts?
PerlPassEnv seems not to do it.
Thanks,
Mike
--
Mike Diehn
Enfield, NH
mike@diehn.net
Re: Can a PerlAuthzHandler access ENV variables set by mod_auth_kerb?
Posted by William T <di...@gmail.com>.
On Mon, Jul 6, 2009 at 10:14 AM, Mike Diehn<mi...@diehn.net> wrote:
>
>
> Hello, all.
>
> I'm authenticating users with mod_auth_krb and setting KrbSaveCredentials
> to on. I've found that the credentials are stored in a file in /tmp. The
> name of the file is passed to CGI programs as the contents of an ENV var
> named KRB5CCNAME.
>
> I'm handling the authorization phase with a mod_perl2 PerlAuthzHandler
> script. I want to use the credentials that mod_auth_kerb just verified.
> By this phase, the name of the credential cache file has been stored
> somewhere by mod_auth_kerb.
>
> The question is this:
>
> How can I get that filename?
> How can I read the ENV that will ultimately go to CGI scripts?
>
> PerlPassEnv seems not to do it.
On Mon, Jul 6, 2009 at 10:14 AM, Mike Diehn<mi...@diehn.net> wrote:
>
> Hello, all.
>
> I'm authenticating users with mod_auth_krb and setting KrbSaveCredentials
> to on. I've found that the credentials are stored in a file in /tmp. The
> name of the file is passed to CGI programs as the contents of an ENV var
> named KRB5CCNAME.
>
> I'm handling the authorization phase with a mod_perl2 PerlAuthzHandler
> script. I want to use the credentials that mod_auth_kerb just verified.
> By this phase, the name of the credential cache file has been stored
> somewhere by mod_auth_kerb.
>
> The question is this:
>
> How can I get that filename?
> How can I read the ENV that will ultimately go to CGI scripts?
>
> PerlPassEnv seems not to do it.
You need both PassEnv and PerlPassEnv. Alternatively you may be able
to access the variable using subprocess_env.
http://perl.apache.org/docs/2.0/api/Apache2/RequestRec.html#C_subprocess_env_
-wjt