You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Marina Markus <ma...@bgumail.bgu.ac.il> on 2004/10/28 20:31:55 UTC

problem with "note_basic_auth_failure"

Hello,
 
I am trying to implement authentication with my own mod_perl subroutine
defined as PerlAuthenHandler (Apache 1.3.31 + mod_perl 1.29 + PHP 4.3.8
installed on RedHat 7.2), and encounter a strange problem that I hope
someone has seen before.
 
As the first step, I want my subroutine to reject all authentication
attempts.
For this, it  calls "note_basic_auth_failure" and then returns
AUTH_REQUIRED.
It does not work – the authentication popup window appers, but closes after
giving any username-password, and the page is displayed unrestrictedly
(instead of requiring authentication again till it succeeds, as happens when
using AuthUserFile instead). 
 
The subroutine behaves as if the call to "note_basic_auth_failure" just does
nothing; all other calls like " log_reason" etc work OK. No Perl errors
appear in "error.log". 
 
Settings in "httpd.conf" are:
 
 <Location /tester> 
   PerlAuthenHandler My::Auth::authen_handler
   AuthType Basic
  AuthName Testings
  Require valid-user
 
 </Location>
 
The file "My/Auth.pm" is very simple (tries to reject any attempt):
 
package My::Auth;
use mod_perl ();
 
    sub authen_handler {
 
        my $r = shift;
        my $rip=$r->connection->remote_ip;
 
        # get user's authentication credentials
        my ($res, $sent_pw) = $r->get_basic_auth_pw;
       $r->note_basic_auth_failure;
       $r->log_reason("getting u-p error was".$res);
 
        return $res if $res != OK;
 
        my $user = $r->connection->user;
            #reject and ask again – does not work !!!
$r->note_basic_auth_failure;
            $r->log_reason("forbidding $user from $rip", $r->uri);
              return AUTH_REQUIRED;
    }
 
   1;
 
Hope someone will see wrong settings or errors in the code that I overlook.
Grareful for any hints,
 
Marina Markus
mary@bgu.ac.il

Re: problem with "note_basic_auth_failure"

Posted by Geoffrey Young <ge...@modperlcookbook.org>.

>         # get user's authentication credentials
>         my ($res, $sent_pw) = $r->get_basic_auth_pw;
>        $r->note_basic_auth_failure;

do not call note_basic_auth_failure here.

> Hope someone will see wrong settings or errors in the code that I overlook.
> Grareful for any hints,

I think that the above fix ought to work, but if it doesn't you can just
steal an example from here:

  http://www.modperlcookbook.org/code/ch13/Cookbook/Authenticate.pm

and read the corresponding explanation here:

  http://www.modperlcookbook.org/chapters/ch13.pdf

specifically, you will want to read recipe 13.3 to understand how the API
interacts with the HTTP authentication challenge/response cycle.

HTH

--Geoff

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html