You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Brian Clarkson <br...@austinunleashed.com> on 2004/03/11 17:17:17 UTC

AuthCookieDBI configuration woes

I've done a search through the archives, and the only related question I
could find didn't include any conf. information.
'
I thought I had my httpd.conf configured correctly for
Apache::AuthCookieDBI.  the same ( well, close to the same ) setup
worked for Apache::AuthCookie ....

the error message:

[Thu Mar 11 09:52:39 2004] [crit] [client 24.153.205.228] configuration
error:  couldn't check user.  No user file?: /LOGIN

i've tried the following configuration in the main httpd.conf *and* in
the <VirtualHost> section.  from reading the archives, the config will
only work in the main server section, even though with my current setup,
I'd *really* prefer it to work in the <VirtualHost> section.

the relevant config:

PerlSetVar JBGDBI_SecretKeyFile /home/httpd/secure.jbgoodwin.com/keyfile

PerlModule Apache::AuthCookieDBI
PerlSetVar JBGPath /
PerlSetVar JBGLoginScript /login.pl
### database infos
PerlSetVar JBGDBI_DSN "DBI:mysql:database=******"
PerlSetVar JBGDBI_User "******"
PerlSetVar JBGDBI_Password "********"
PerlSetVar JBGDBI_UsersTable "agent"
PerlSetVar JBGDBI_UserField "username"
PerlSetVar JBGDBI_PasswordField "password"

<Directory /home/httpd/secure.jbgoodwin.com/html>
  <FilesMatch  "login\.(pl|cgi)">
   SetHandler perl-script
   PerlHandler Apache::Registry
   Options +ExecCGI
   allow from all
   PerlSendHeader On
  </FilesMatch>
</Directory>

# These documents require user to be logged in.
<Location /logintest>
AuthType Apache::AuthCookieDBI
AuthName JBG
PerlAuthenHandler Apache::AuthCookieDBI->authenticate
PerlAuthzHandler Apache::AuthCookieDBI->authorize
require valid-user
</Location>
# 


##this is the action of the login.pl script above.
<Location /LOGIN>
AuthType Apache::AuthCookieDBI
AuthName JBG
SetHandler perl-script
PerlHandler Apache::AuthCookieDBI->login
</Location>

-- i've checked that keyfile is 400 ( root read only, per the docs )
-- login.pl has executable permissions ( 755 )

i've tried looking for the error message in the actual code of
Apache::AuthCookieDBI, but i can't find it anywhere.  what am i doing wrong?

brian



-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: AuthCookieDBI configuration woes

Posted by Brian Clarkson <br...@austinunleashed.com>.

Perrin Harkins wrote:

> On Thu, 2004-03-11 at 11:17, Brian Clarkson wrote:


> I've never used any of the AuthCookie modules, but this error is coming
> from apache:
> http://httpd.apache.org/docs/misc/FAQ.html#authauthoritative
> 
> It sounds like AuthCookieDBI is returning DECLINED (or rather AuthCookie
> is) when your auth fails.  To find out why, you might want to try
> running that login URL with the debugger enabled, or turning on the
> AuthCookieDebug flag.

i do have the AuthCookieDebug flag on; it's set to 3.

i have a feeling that some other BasicAuth is conflicting.  i (perhaps 
mistakenly) thought that i could mix BasicAuth and Apache::AuthCookie* 
auth schemes for different directory setups.  (at least, this is during 
testing, before I completely drop the BasicAuth in favor of the Apache 
solution ).




-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: AuthCookieDBI configuration woes

Posted by Perrin Harkins <pe...@elem.com>.
On Thu, 2004-03-11 at 11:17, Brian Clarkson wrote:
> I thought I had my httpd.conf configured correctly for
> Apache::AuthCookieDBI.  the same ( well, close to the same ) setup
> worked for Apache::AuthCookie ....
[...]
> the error message:
> [Thu Mar 11 09:52:39 2004] [crit] [client 24.153.205.228] configuration
> error:  couldn't check user.  No user file?: /LOGIN
[...]
> i've tried looking for the error message in the actual code of
> Apache::AuthCookieDBI, but i can't find it anywhere.  what am i doing wrong?

I've never used any of the AuthCookie modules, but this error is coming
from apache:
http://httpd.apache.org/docs/misc/FAQ.html#authauthoritative

It sounds like AuthCookieDBI is returning DECLINED (or rather AuthCookie
is) when your auth fails.  To find out why, you might want to try
running that login URL with the debugger enabled, or turning on the
AuthCookieDebug flag.

- Perrin


-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html