You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by John Walstra <jo...@cnet.com> on 2000/12/14 18:10:29 UTC

Apache::AuthCookie and SSL

I'm having the problem with being logged out then I switch to a secure
document. I have to log back in to get to the page. And when I go from a SSL
page to a plain page it logs me out again. Any advise?


Apache/1.3.12 (Unix) mod_perl/1.24 mod_ssl/2.6.6 OpenSSL/0.9.5a
Apache::AuthCookie is version 2.011
I'm also using Embperl  v1.2.1
 
from .htaccess in the protected directories

AuthType Apache::AuthCookieHandler
AuthName Apollo
PerlAuthenHandler Apache::AuthCookieHandler->authenticate
PerlAuthzHandler Apache::AuthCookieHandler->authorize
require valid-user    

from httpd.conf

PerlModule Apache::AuthCookieHandler
PerlSetVar ApolloPath /
PerlSetVar ApolloLoginScript /Protected/Login/login.epl

# This is the action of the login.epl script above.
<Files LOGIN>
  AuthType Apache::AuthCookieHandler
  AuthName Apollo
  SetHandler perl-script
  PerlHandler Apache::AuthCookieHandler->login
</Files>       

Thanks,
John

-- 
John Walstra                                         CNET Networks
Senior Software Developer, Jack Of All Trades        300 Park Blvd, Suite 105
mailto:johnw@cnet.com                                Itasca, IL 60143-4914
Phone: 630.438.7000 x1304                            Fax: 630.775.0555

Re: Apache::AuthCookie and SSL

Posted by Vivek Khera <kh...@kciLink.com>.

>>>>> "JW" == John Walstra <jo...@cnet.com> writes:

JW> I'm having the problem with being logged out then I switch to a
JW> secure document. I have to log back in to get to the page. And
JW> when I go from a SSL page to a plain page it logs me out
JW> again. Any advise?

Figure out how to make your web browser send the cookie to both the
SSL and non-SSL versions of your pages.  You're not being logged out;
the cookie just is not being sent to you.

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.                Khera Communications, Inc.
Internet: khera@kciLink.com       Rockville, MD       +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera   http://www.khera.org/~vivek/

Re: Apache::AuthCookie and SSL

Posted by JR Mayberry <jr...@e-vend.net>.

actually you should be able to do a PerlSetVar to set that as well

PetSetVar ApolloDomain .yourdomain.com

i think will work


John Walstra wrote:
> 
> I'm having the problem with being logged out then I switch to a secure
> document. I have to log back in to get to the page. And when I go from a SSL
> page to a plain page it logs me out again. Any advise?
> 
> Apache/1.3.12 (Unix) mod_perl/1.24 mod_ssl/2.6.6 OpenSSL/0.9.5a
> Apache::AuthCookie is version 2.011
> I'm also using Embperl  v1.2.1
> 
> from .htaccess in the protected directories
> 
> AuthType Apache::AuthCookieHandler
> AuthName Apollo
> PerlAuthenHandler Apache::AuthCookieHandler->authenticate
> PerlAuthzHandler Apache::AuthCookieHandler->authorize
> require valid-user
> 
> from httpd.conf
> 
> PerlModule Apache::AuthCookieHandler
> PerlSetVar ApolloPath /
> PerlSetVar ApolloLoginScript /Protected/Login/login.epl
> 
> # This is the action of the login.epl script above.
> <Files LOGIN>
>   AuthType Apache::AuthCookieHandler
>   AuthName Apollo
>   SetHandler perl-script
>   PerlHandler Apache::AuthCookieHandler->login
> </Files>
> 
> Thanks,
> John
> 
> --
> John Walstra                                         CNET Networks
> Senior Software Developer, Jack Of All Trades        300 Park Blvd, Suite 105
> mailto:johnw@cnet.com                                Itasca, IL 60143-4914
> Phone: 630.438.7000 x1304                            Fax: 630.775.0555

-- 
______________________________________________________________________
JR Mayberry                                     e-Vend.net Corporation
Programmer and Systems Administrator            (888) 427-8743 x226 tel
jr.mayberry@e-vend.net                        http://www.e-vend.net

************************************************************************
The information in this message (including attachments) is confidential.
If the reader of this message is not the intended recipient or an agent
responsible for delivering it to the intended recipient, you are hereby
notified that you have received this document in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited.  If you have received this communication in error,
please notify us immediately by e-mail, and delete the original message.
***********************************************************************

Re: Apache::AuthCookie and SSL

Posted by Vivek Khera <kh...@kciLink.com>.

>>>>> "JM" == JR Mayberry <jr...@e-vend.net> writes:

JM> might wanna modify the source to set the domain to .yourdomain.com, as
JM> its probably now being set as secure.yourdomain.com or
JM> www.yourdomain.com

no need to modify source to do that.  AuthCookie has a config option
to do it for you.

Re: Apache::AuthCookie and SSL

Posted by JR Mayberry <jr...@e-vend.net>.

might wanna modify the source to set the domain to .yourdomain.com, as
its probably now being set as secure.yourdomain.com or
www.yourdomain.com

i have the same setup here, it works fine..


John Walstra wrote:
> 
> I'm having the problem with being logged out then I switch to a secure
> document. I have to log back in to get to the page. And when I go from a SSL
> page to a plain page it logs me out again. Any advise?
> 
> Apache/1.3.12 (Unix) mod_perl/1.24 mod_ssl/2.6.6 OpenSSL/0.9.5a
> Apache::AuthCookie is version 2.011
> I'm also using Embperl  v1.2.1
> 
> from .htaccess in the protected directories
> 
> AuthType Apache::AuthCookieHandler
> AuthName Apollo
> PerlAuthenHandler Apache::AuthCookieHandler->authenticate
> PerlAuthzHandler Apache::AuthCookieHandler->authorize
> require valid-user
> 
> from httpd.conf
> 
> PerlModule Apache::AuthCookieHandler
> PerlSetVar ApolloPath /
> PerlSetVar ApolloLoginScript /Protected/Login/login.epl
> 
> # This is the action of the login.epl script above.
> <Files LOGIN>
>   AuthType Apache::AuthCookieHandler
>   AuthName Apollo
>   SetHandler perl-script
>   PerlHandler Apache::AuthCookieHandler->login
> </Files>
> 
> Thanks,
> John
> 
> --
> John Walstra                                         CNET Networks
> Senior Software Developer, Jack Of All Trades        300 Park Blvd, Suite 105
> mailto:johnw@cnet.com                                Itasca, IL 60143-4914
> Phone: 630.438.7000 x1304                            Fax: 630.775.0555

-- 
______________________________________________________________________
JR Mayberry                                     e-Vend.net Corporation
Programmer and Systems Administrator            (888) 427-8743 x226 tel
jr.mayberry@e-vend.net                        http://www.e-vend.net

************************************************************************
The information in this message (including attachments) is confidential.
If the reader of this message is not the intended recipient or an agent
responsible for delivering it to the intended recipient, you are hereby
notified that you have received this document in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited.  If you have received this communication in error,
please notify us immediately by e-mail, and delete the original message.
***********************************************************************