You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Marina Markus <ma...@bgumail.bgu.ac.il> on 2004/10/28 20:31:55 UTC
problem with "note_basic_auth_failure"
Hello,
I am trying to implement authentication with my own mod_perl subroutine
defined as PerlAuthenHandler (Apache 1.3.31 + mod_perl 1.29 + PHP 4.3.8
installed on RedHat 7.2), and encounter a strange problem that I hope
someone has seen before.
As the first step, I want my subroutine to reject all authentication
attempts.
For this, it calls "note_basic_auth_failure" and then returns
AUTH_REQUIRED.
It does not work – the authentication popup window appers, but closes after
giving any username-password, and the page is displayed unrestrictedly
(instead of requiring authentication again till it succeeds, as happens when
using AuthUserFile instead).
The subroutine behaves as if the call to "note_basic_auth_failure" just does
nothing; all other calls like " log_reason" etc work OK. No Perl errors
appear in "error.log".
Settings in "httpd.conf" are:
<Location /tester>
PerlAuthenHandler My::Auth::authen_handler
AuthType Basic
AuthName Testings
Require valid-user
</Location>
The file "My/Auth.pm" is very simple (tries to reject any attempt):
package My::Auth;
use mod_perl ();
sub authen_handler {
my $r = shift;
my $rip=$r->connection->remote_ip;
# get user's authentication credentials
my ($res, $sent_pw) = $r->get_basic_auth_pw;
$r->note_basic_auth_failure;
$r->log_reason("getting u-p error was".$res);
return $res if $res != OK;
my $user = $r->connection->user;
#reject and ask again – does not work !!!
$r->note_basic_auth_failure;
$r->log_reason("forbidding $user from $rip", $r->uri);
return AUTH_REQUIRED;
}
1;
Hope someone will see wrong settings or errors in the code that I overlook.
Grareful for any hints,
Marina Markus
mary@bgu.ac.il
Re: problem with "note_basic_auth_failure"
Posted by Geoffrey Young <ge...@modperlcookbook.org>.
> # get user's authentication credentials
> my ($res, $sent_pw) = $r->get_basic_auth_pw;
> $r->note_basic_auth_failure;
do not call note_basic_auth_failure here.
> Hope someone will see wrong settings or errors in the code that I overlook.
> Grareful for any hints,
I think that the above fix ought to work, but if it doesn't you can just
steal an example from here:
http://www.modperlcookbook.org/code/ch13/Cookbook/Authenticate.pm
and read the corresponding explanation here:
http://www.modperlcookbook.org/chapters/ch13.pdf
specifically, you will want to read recipe 13.3 to understand how the API
interacts with the HTTP authentication challenge/response cycle.
HTH
--Geoff
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html