You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Andrew Whyte <a....@cqu.edu.au> on 2001/11/23 07:58:12 UTC

Help with AuthDBI, getting stuck :-/

Hi guys,

I'm totally stuck with this, and I'm desperate to get a working solution.

I have a Tru64 Unix machine, running mod_perl-1.26, Apache 1.3.22
and I've installed the ApacheDBI-0.88 and DBI-1.18 stuff.

I am connecting to an Oracle database on another host,
running 8.1.6 client libs on the web host.

Oracle's sqlplus works perfectly fine to test the DB connection.



I've got the following in my httpd.conf




  SetEnv ORACLE_BASE "/usr/local/oracle"
  SetEnv ORACLE_HOME "/usr/local/oracle/product/8.1.6"
  PassEnv ORACLE_BASE
  PassEnv ORACLE_HOME
  SetEnv ORAENV_ASK NO
  SetEnv LD_LIBRARY_PATH "/usr/local/lib:/usr/local/oracle/product/8.1.6/lib"
  SetEnv ORACLE_SID ACNTS
  PerlModule Apache::AuthDBI
  PerlRequire  /usr/local/WWW/apache-1.3.22/conf/startup.pl




I then have this in the .htaccess file of the folder I'm trying to protect:





  AuthName "DBI Login"
  AuthType Basic

  PerlAuthenHandler Apache::AuthDBI::authen

  PerlSetVar Auth_DBI_data_source   dbi:Oracle:ACNTS
  PerlSetVar Auth_DBI_username      acnts_user
  PerlSetVar Auth_DBI_password      acnts_password
  # DBI->connect($data_source, $username, $password)

  PerlSetVar Auth_DBI_pwd_table     stud_security
  PerlSetVar Auth_DBI_uid_field     username
  PerlSetVar Auth_DBI_pwd_field     sys.pass_dec(password)
  #SELECT pwd_field FROM pwd_table WHERE uid_field=$user

  #PerlSetVar Auth_DBI_encrypted     off
  #PerlSetVar Auth_DBI_authoritative on
  #PerlSetVar Auth_DBI_nopasswd off

  require valid-user




I have the following in my  startup.pl file




#!/usr/local/bin/perl -w

# to load this file when the server starts, add this to httpd.conf:
# PerlRequire /path/to/startup.pl

# make sure we are in a sane environment.
$ENV{GATEWAY_INTERFACE} =~ /^CGI-Perl/ or die "GATEWAY_INTERFACE not Perl!";

use Apache::Registry;
use Apache::Status;
use Apache::DBI;
use Apache::AuthDBI;
use strict;

# optional configuration for Apache::DBI.pm:

# choose debug output: 0 = off, 1 = quiet, 2 = chatty
$Apache::DBI::DEBUG = 2;

# configure all connections which should be established during server startup.
# keep in mind, that if the connect does not succeeed, your server won't start
# until the connect times out (database dependent) !
# you may use a DSN with attribute settings specified within

Apache::DBI->connect_on_init("dbi:Oracle(AutoCommit=>1):ACNTS", "acntsdba", "acntsdba");

# configure the ping behavior of the persistent database connections
# you may NOT not use a DSN with attribute settings specified within
# $timeout = 0  -> always ping the database connection (default)
# $timeout < 0  -> never  ping the database connection
# $timeout > 0  -> ping the database connection only if the last access
#                  was more than timeout seconds before

my $timeout = 0 ;

Apache::DBI->setPingTimeOut("dbi:Oracle:ACNTS", $timeout);

# optional configuration for Apache::AuthDBI.pm:

# choose debug output: 0 = off, 1 = quiet, 2 = chatty
$Apache::AuthDBI::DEBUG = 2;

# set lifetime in seconds for the entries in the cache
Apache::AuthDBI->setCacheTime(60);

# set minimum time in seconds between two runs of the handler which cleans the cache
Apache::AuthDBI->setCleanupTime(-1);

# use shared memory of given size for the cache
#Apache::AuthDBI->initIPC(50000);

1;




As you can see, this is pretty much textbook configuration from all the man/help/perldoc's
I've been able to dig up...

Here is a trace from the error.log file:

==========
5960 Apache::AuthDBI::authen request type = >initial main<
REQUEST:
GET /PastExams/AssocLogo.gif HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-au
Authorization: Basic dGVzdDp0ZXN0dXNl
Connection: Keep-Alive
Host: association-test.cqu.edu.au
If-Modified-Since: Mon, 30 Apr 2001 04:45:19 GMT
If-None-Match: "1d394-1d7d-3aeceddf"
Referer: http://association-test.cqu.edu.au/PastExams/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

HTTP/1.1 (null)

5960 Apache::AuthDBI::authen get_basic_auth_pw: res = >0<, password sent = >testuse<
5960 Apache::AuthDBI::authen user sent = >test<
5960 Apache::AuthDBI::authen Config{ pwdcasesensitive } = on
5960 Apache::AuthDBI::authen Config{ pwd_whereclause  } =
5960 Apache::AuthDBI::authen Config{ placeholder      } = off
5960 Apache::AuthDBI::authen Config{ log_field        } =
5960 Apache::AuthDBI::authen Config{ uid_field        } = username
5960 Apache::AuthDBI::authen Config{ authoritative    } = on
5960 Apache::AuthDBI::authen Config{ data_source      } = dbi:Oracle:ACNTS
5960 Apache::AuthDBI::authen Config{ grp_field        } =
5960 Apache::AuthDBI::authen Config{ encrypted        } = on
5960 Apache::AuthDBI::authen Config{ pwd_field        } = sys.pass_dec(password)
5960 Apache::AuthDBI::authen Config{ nopasswd         } = off
5960 Apache::AuthDBI::authen Config{ grp_table        } =
5960 Apache::AuthDBI::authen Config{ pwd_table        } = stud_security
5960 Apache::AuthDBI::authen Config{ password         } = acnts_password
5960 Apache::AuthDBI::authen Config{ log_string       } =
5960 Apache::AuthDBI::authen Config{ uidcasesensitive } = on
5960 Apache::AuthDBI::authen Config{ encryption_salt  } = password
5960 Apache::AuthDBI::authen Config{ username         } = acnts_user
5960 Apache::AuthDBI::authen Config{ grp_whereclause  } =
5960 Apache::AuthDBI::authen passwd not found in cache




The problem I have is that I can enter absolutly ANY username with or
without a Password and it always let's me through.. It should DECLINE!

I found a trace test on the web showing the SELECT statement being used. I just can't
get mine to do that.. I've tried this every which way, nothings working..


I would love some help in trying to figure this out.


Thanks heaps, Andrew.


More info:

bash-2.02# perl -v

This is perl, version 5.004_04 built for alpha-dec_osf

Copyright 1987-1997, Larry Wall

Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5.0 source kit.

bash-2.02# perl -V
Summary of my perl5 (5.0 patchlevel 4 subversion 4) configuration:
  Platform:
    osname=dec_osf, osvers=4.0, archname=alpha-dec_osf
    uname='osf1 hendrix.cqu.edu.au v4.0 1229 alpha '
    hint=recommended, useposix=true, d_sigaction=define
    bincompat3=y useperlio=undef d_sfio=undef
  Compiler:
    cc='cc', optimize='-O4', gccversion=
    cppflags='-std -D_INTRINSICS -D__LANGUAGE_C__'
    ccflags ='-std -D_INTRINSICS -D__LANGUAGE_C__'
    stdchar='unsigned char', d_stdstdio=define, usevfork=false
    voidflags=15, castflags=0, d_casti32=define, d_castneg=define
    intsize=4, alignbytes=8, usemymalloc=y, prototype=define
  Linker and Libraries:
    ld='ld', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /usr/shlib /shlib /lib /usr/lib /usr/ccs/lib
    libs=-ldbm -ldb -lm
    libc=/usr/shlib/libc.so, so=so
    useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
    cccdlflags=' ', lddlflags='-shared -expect_unresolved "*" -O4 -msym -s -L/usr/local/lib'


Characteristics of this binary (from libperl):
  Built under dec_osf
  Compiled at Sep  3 1999 09:08:13
  @INC:
    /usr/local/lib/perl5/alpha-dec_osf/5.00404
    /usr/local/lib/perl5
    /usr/local/lib/perl5/site_perl/alpha-dec_osf
    /usr/local/lib/perl5/site_perl
    .