You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by allan juul <al...@muly.dk> on 2005/08/11 21:27:57 UTC

redirecting a post (or vice versa)

hi

this is not a specific mod_perl question, but i wonder if it could be 
done at all.

we have a reverse proxy scenario (via mod_rewrite) with an apache2 
frontend and IIS6 on another machine as backend.

we want a dual login to the site and we want the backend to handle the 
login.

1)
we have currentnly a page with an applet where people can choose a 
client certificate and click ok. all this results in a base64-encoded 
xmlstring that is POSTed to the backend. the backend will decide if its 
a valid user and after that redirect to a specific URL depending on status

2)
we now wish to perform almost the exact same thing (without coding too 
much at the backend), except we dont want a page where people can choose 
their client certificate. we want them to choose the certificate from 
the standard dialog when you have (in ssl.conf)


   SSLVerifyClient require


so i imagined that people would hit some kind of url that maps to some 
perl code that could handle the POST.
its basically the same as a redirect via the location header, where the 
URL is appended the relevant querystring, except we need a POST method 
because the data is quite big (and because we want to re-code as little 
as possible at backend). in fact i have made a proof of concept of the 
location header method (but that involves some extra backend code)

i know i could create a LWP UserAgent that did the POST but that would 
not redirect the user to the correct page. remember the IIS will do the 
final redirect after verification of the client certificate data.


we are currently running apache 2.0.54 on a FREEBSD box, so mod_perl2 
shouldn't be a problem.

thanks for any pointers
./allan

Re: redirecting a post (or vice versa)

Posted by Perrin Harkins <pe...@elem.com>.

On Thu, 2005-08-11 at 21:27 +0200, allan juul wrote:
> so i imagined that people would hit some kind of url that maps to some 
> perl code that could handle the POST.
> its basically the same as a redirect via the location header, where the 
> URL is appended the relevant querystring, except we need a POST method 
> because the data is quite big (and because we want to re-code as little 
> as possible at backend).

You can't redirect a POST.  You can fake it by redirecting to a GET,
although you just said the data is too big, or you can store the data on
the server-side (e.g. in a session) and redirect to a URL with a key to
find the data again (e.g. a session ID).

- Perrin