You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Brian Reichert <re...@numachi.com> on 2002/05/22 07:53:21 UTC

Apache::AuthCookieDBI not sending cookies?

I've pawed though the archives, to no avail...

I've almost, but not quite, have Apache::AuthCookieDBI working for
me.

The symptom I'm seeing (to my eye) is that my browser is never
getting cookies sent back to it, even if I hand login.pl a valid
user/password.  (So I infer from the final error message; see below.)

Details of my setup:

  Apache::AuthCookieDBI 1.18

  $ httpd -v
  Server version: Apache/1.3.12 Cobalt (Unix) (please don't laugh)
  Server built:   May 25 2001 17:23:24

In my httpd.conf:

  <Files *.pl>
    SetHandler perl-script
    PerlHandler Apache::Registry
    Options ExecCGI
    PerlSendHeader On
  </Files>
  
  PerlSetVar CredTestDBI_DSN "DBI:mysql:database=devel_db"
  PerlSetVar CredTestDBI_User "yyyyyyyy"
  PerlSetVar CredTestDBI_Password "xxxxxx"
  PerlSetVar CredTestDBI_UsersTable "cred_test_user"
  PerlSetVar CredTestDBI_GroupsTable "cred_test_group"
  PerlSetVar CredTestDBI_SecretKeyFile "/home/sites/siteNN/cred_auth.key"
  
  PerlSetVar CredTestPath /
  PerlSetVar CredTestLoginScript /cgi-bin/login.pl
  
  PerlSetVar AuthCookieDebug 3
  
  PerlModule Apache::AuthCookieDBI
  
  <Location /credentials/private>
    AuthType Apache::AuthCookieDBI
    AuthName CredTest
    PerlAuthenHandler Apache::AuthCookieDBI->authenticate
    PerlAuthzHandler Apache::AuthCookieDBI->authorize
    require valid-user
  </Location>
  
  <Files LOGIN>
  AuthType Apache::AuthCookieDBI
    AuthName CredTest
    SetHandler perl-script
    PerlHandler Apache::AuthCookieDBI->login
  </Files>

When I make a request for /credentials/private/index.html, I indeed
get the login page.  My (slightly sanitized) web log shows:

  [Wed May 22 01:15:59 2002] [error] auth_type Apache::AuthCookieDBI
  [Wed May 22 01:15:59 2002] [error] auth_name CredTest
  [Wed May 22 01:15:59 2002] [error] ses_key_cookie 
  [Wed May 22 01:15:59 2002] [error] uri /credentials/private/index.html

I then fill in the fields, and hit 'submit':

  [Wed May 22 01:16:03 2002] [error] Converting POST -> GET

Now, my browser's connection hangs for a few minutes, ultimately
yielding no data.  If I get impatient, and terminate things
browser-side; my web log then shows:

  [Wed May 22 01:16:26 2002] [error] credential_0 foo
  [Wed May 22 01:16:26 2002] [error] credential_1 bar
  [Wed May 22 01:16:26 2002] [error] access to /LOGIN failed for
  NNN.NNN.NNN.NNN, reason: Apache::AuthCookieDBI: didn't have the
  secret key for auth realm CredTest
  [Wed May 22 01:16:26 2002] [error] ses_key bad

I get these same result with two different browsers, and using the
example login.pl programs that come with Apache::AuthCookieDBI and
Apache::AuthCookie.

Does anyone have any insight on what I'm _supposed_ to be seeing?

-- 
Brian 'you Bastard' Reichert		<re...@numachi.com>
37 Crystal Ave. #303			Daytime number: (603) 434-6842
Derry NH 03038-1713 USA			Intel architecture: the left-hand path