You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Tom Schindl <to...@gmx.at> on 2004/06/30 16:35:21 UTC

[mp2] and AuthDBI PerlAuth(en|z)Handler failing

hi all,

preface: I'm not 100% sure that this is a mp2 resp. AuthDBI problem,
this might as well be an apache problem or even worse my own blindness.

We've a problem with a previously working configuration that looks
approximately like this (httpd.conf):

---------CUT---------
<Location /protectedthing>
    AuthName "gimme all you know:"
    AuthType Basic

    PerlAuthenHandler Apache::AuthDBI::authen
    PerlAuthzHandler  Apache::AuthDBI::authz

    PerlSetVar Auth_DBI_data_source   dbi:$some_valid_dsn
    PerlSetVar Auth_DBI_username      $a_db_user
    PerlSetVar Auth_DBI_password      $the_db_pass

    PerlSetVar Auth_DBI_pwd_table     users
    PerlSetVar Auth_DBI_uid_field     u_username
    PerlSetVar Auth_DBI_pwd_field     u_pwd
    #SELECT pwd_field FROM pwd_table WHERE uid_field=$user

    PerlSetVar Auth_DBI_grp_field     u_ref_customer

    PerlSetVar Auth_DBI_encrypted     off
    require valid-user
</Location>
---------CUT---------

That allows me to secure /protectedthing, which is working just fine.

I however have some sub-locations under /protectedthing:
---------CUT---------
<Location /protectedthing/topsecret>
    SetHandler perl-script

    PerlResponseHandler Some::Nice::mp2::Handler
</Location>
---------CUT---------

Previously this resulted in having a secured /protected/topsecret
location. After upgrading to the lastest apache 2.0.49 and mp1.99_14,
this does not work any more. I get 500 instead. The log shows this:

---------CUT---------
[Wed Jun 30 16:15:50 2004] [crit] [client 192.168.100.10] configuration
error:  couldn't check user.  No user file?: /protectedthing/topsecret,
referer: http://somesite/protectedthing
---------CUT---------

After enabling debug in AuthDBI I see that it is correctly invoked as a
PerlAuth(en|z)Handler for "/protectedthing/topsecret", but it gets no
configuration data passed (Auth_DBI_data_source etc.) for the
sublocation.

... I am completely lost here ...

Any ideas?

happy hacking

udo

Reclaim Your Inbox!
http://www.mozilla.org/products/thunderbird

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: [mp2] and AuthDBI PerlAuth(en|z)Handler failing

Posted by Geoffrey Young <ge...@modperlcookbook.org>.


Geoffrey Young wrote:
>>I however have some sub-locations under /protectedthing:
>>---------CUT---------
>><Location /protectedthing/topsecret>
>>   SetHandler perl-script
>>
>>   PerlResponseHandler Some::Nice::mp2::Handler
>></Location>
> 
> 
>>After enabling debug in AuthDBI I see that it is correctly invoked as a
>>PerlAuth(en|z)Handler for "/protectedthing/topsecret", but it gets no
>>configuration data passed (Auth_DBI_data_source etc.) for the
>>sublocation.
>>
>>... I am completely lost here ...
>>
>>Any ideas?
> 
> 
> yes :)
> 
> merging for PerlSetVar/PerlAddVar is broken at the moment.  specifically,
> the kind of merging you want to do - overlapping containers - does not work
> at all.

this has been fixed in current cvs.  please give the latest mod_perl sources
a try and report back if you are still seeing improper merge behavior.

--Geoff

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: [mp2] and AuthDBI PerlAuth(en|z)Handler failing

Posted by Geoffrey Young <ge...@modperlcookbook.org>.

> I however have some sub-locations under /protectedthing:
> ---------CUT---------
> <Location /protectedthing/topsecret>
>    SetHandler perl-script
> 
>    PerlResponseHandler Some::Nice::mp2::Handler
> </Location>

> After enabling debug in AuthDBI I see that it is correctly invoked as a
> PerlAuth(en|z)Handler for "/protectedthing/topsecret", but it gets no
> configuration data passed (Auth_DBI_data_source etc.) for the
> sublocation.
> 
> ... I am completely lost here ...
> 
> Any ideas?

yes :)

merging for PerlSetVar/PerlAddVar is broken at the moment.  specifically,
the kind of merging you want to do - overlapping containers - does not work
at all.

I tried to fix it once, and the fix was more complete than it had been at
the time, but it is still broken.  I know exactly what the problem is and I
_think_ I have a solution that will work, but it is not an easy task by any
means - both PerlSetVar and PerlAddVar need to merge into themselves as well
as with any parent containers, which means you need to maintain the
directive order throughout the entire configuration process.

anyway, I'm sorry this bug bit you.  I will try to find some tuits and work
it all out soonish.

--Geoff

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html