You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by John Walstra <jo...@cnet.com> on 2000/12/14 18:10:29 UTC
Apache::AuthCookie and SSL
I'm having the problem with being logged out then I switch to a secure
document. I have to log back in to get to the page. And when I go from a SSL
page to a plain page it logs me out again. Any advise?
Apache/1.3.12 (Unix) mod_perl/1.24 mod_ssl/2.6.6 OpenSSL/0.9.5a
Apache::AuthCookie is version 2.011
I'm also using Embperl v1.2.1
from .htaccess in the protected directories
AuthType Apache::AuthCookieHandler
AuthName Apollo
PerlAuthenHandler Apache::AuthCookieHandler->authenticate
PerlAuthzHandler Apache::AuthCookieHandler->authorize
require valid-user
from httpd.conf
PerlModule Apache::AuthCookieHandler
PerlSetVar ApolloPath /
PerlSetVar ApolloLoginScript /Protected/Login/login.epl
# This is the action of the login.epl script above.
<Files LOGIN>
AuthType Apache::AuthCookieHandler
AuthName Apollo
SetHandler perl-script
PerlHandler Apache::AuthCookieHandler->login
</Files>
Thanks,
John
--
John Walstra CNET Networks
Senior Software Developer, Jack Of All Trades 300 Park Blvd, Suite 105
mailto:johnw@cnet.com Itasca, IL 60143-4914
Phone: 630.438.7000 x1304 Fax: 630.775.0555
Re: Apache::AuthCookie and SSL
Posted by Vivek Khera <kh...@kciLink.com>.
>>>>> "JW" == John Walstra <jo...@cnet.com> writes:
JW> I'm having the problem with being logged out then I switch to a
JW> secure document. I have to log back in to get to the page. And
JW> when I go from a SSL page to a plain page it logs me out
JW> again. Any advise?
Figure out how to make your web browser send the cookie to both the
SSL and non-SSL versions of your pages. You're not being logged out;
the cookie just is not being sent to you.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D. Khera Communications, Inc.
Internet: khera@kciLink.com Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/
Re: Apache::AuthCookie and SSL
Posted by JR Mayberry <jr...@e-vend.net>.
actually you should be able to do a PerlSetVar to set that as well
PetSetVar ApolloDomain .yourdomain.com
i think will work
John Walstra wrote:
>
> I'm having the problem with being logged out then I switch to a secure
> document. I have to log back in to get to the page. And when I go from a SSL
> page to a plain page it logs me out again. Any advise?
>
> Apache/1.3.12 (Unix) mod_perl/1.24 mod_ssl/2.6.6 OpenSSL/0.9.5a
> Apache::AuthCookie is version 2.011
> I'm also using Embperl v1.2.1
>
> from .htaccess in the protected directories
>
> AuthType Apache::AuthCookieHandler
> AuthName Apollo
> PerlAuthenHandler Apache::AuthCookieHandler->authenticate
> PerlAuthzHandler Apache::AuthCookieHandler->authorize
> require valid-user
>
> from httpd.conf
>
> PerlModule Apache::AuthCookieHandler
> PerlSetVar ApolloPath /
> PerlSetVar ApolloLoginScript /Protected/Login/login.epl
>
> # This is the action of the login.epl script above.
> <Files LOGIN>
> AuthType Apache::AuthCookieHandler
> AuthName Apollo
> SetHandler perl-script
> PerlHandler Apache::AuthCookieHandler->login
> </Files>
>
> Thanks,
> John
>
> --
> John Walstra CNET Networks
> Senior Software Developer, Jack Of All Trades 300 Park Blvd, Suite 105
> mailto:johnw@cnet.com Itasca, IL 60143-4914
> Phone: 630.438.7000 x1304 Fax: 630.775.0555
--
______________________________________________________________________
JR Mayberry e-Vend.net Corporation
Programmer and Systems Administrator (888) 427-8743 x226 tel
jr.mayberry@e-vend.net http://www.e-vend.net
************************************************************************
The information in this message (including attachments) is confidential.
If the reader of this message is not the intended recipient or an agent
responsible for delivering it to the intended recipient, you are hereby
notified that you have received this document in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited. If you have received this communication in error,
please notify us immediately by e-mail, and delete the original message.
***********************************************************************
Re: Apache::AuthCookie and SSL
Posted by Vivek Khera <kh...@kciLink.com>.
>>>>> "JM" == JR Mayberry <jr...@e-vend.net> writes:
JM> might wanna modify the source to set the domain to .yourdomain.com, as
JM> its probably now being set as secure.yourdomain.com or
JM> www.yourdomain.com
no need to modify source to do that. AuthCookie has a config option
to do it for you.
Re: Apache::AuthCookie and SSL
Posted by JR Mayberry <jr...@e-vend.net>.
might wanna modify the source to set the domain to .yourdomain.com, as
its probably now being set as secure.yourdomain.com or
www.yourdomain.com
i have the same setup here, it works fine..
John Walstra wrote:
>
> I'm having the problem with being logged out then I switch to a secure
> document. I have to log back in to get to the page. And when I go from a SSL
> page to a plain page it logs me out again. Any advise?
>
> Apache/1.3.12 (Unix) mod_perl/1.24 mod_ssl/2.6.6 OpenSSL/0.9.5a
> Apache::AuthCookie is version 2.011
> I'm also using Embperl v1.2.1
>
> from .htaccess in the protected directories
>
> AuthType Apache::AuthCookieHandler
> AuthName Apollo
> PerlAuthenHandler Apache::AuthCookieHandler->authenticate
> PerlAuthzHandler Apache::AuthCookieHandler->authorize
> require valid-user
>
> from httpd.conf
>
> PerlModule Apache::AuthCookieHandler
> PerlSetVar ApolloPath /
> PerlSetVar ApolloLoginScript /Protected/Login/login.epl
>
> # This is the action of the login.epl script above.
> <Files LOGIN>
> AuthType Apache::AuthCookieHandler
> AuthName Apollo
> SetHandler perl-script
> PerlHandler Apache::AuthCookieHandler->login
> </Files>
>
> Thanks,
> John
>
> --
> John Walstra CNET Networks
> Senior Software Developer, Jack Of All Trades 300 Park Blvd, Suite 105
> mailto:johnw@cnet.com Itasca, IL 60143-4914
> Phone: 630.438.7000 x1304 Fax: 630.775.0555
--
______________________________________________________________________
JR Mayberry e-Vend.net Corporation
Programmer and Systems Administrator (888) 427-8743 x226 tel
jr.mayberry@e-vend.net http://www.e-vend.net
************************************************************************
The information in this message (including attachments) is confidential.
If the reader of this message is not the intended recipient or an agent
responsible for delivering it to the intended recipient, you are hereby
notified that you have received this document in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited. If you have received this communication in error,
please notify us immediately by e-mail, and delete the original message.
***********************************************************************