You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Tomasz Konefal <to...@compt.com> on 2002/01/07 18:04:22 UTC
problems with Apache::AuthTicket
greetings,
i'm hoping that someone out there can help me out with my AuthTicket
troubles.
first, i require a simple way to authenticate and authorize users for
a little intranet site. from what i could find, AuthTicket looks like
the best way to do this (is there something better?). PageKit also
looks nice, but it's probably overkill for what i need.
i've installed AuthTicket onto a FreeBSD 4.4 box running Apache.
here is a snippet from the http error log.
---snip---
[Mon Jan 7 11:11:57 2002] [error] ENTRY Apache::AuthTicket::dbi_connect
[line 215]
returning [DBI:Pg:dbname=ftpfudb] for TicketDB at
/usr/local/lib/perl5/site_perl
/5.005/Apache/AuthTicket.pm line 104.
returning [ftpfu] for TicketDBUser at
/usr/local/lib/perl5/site_perl/5.005/Apache/AuthTicket.pm line 104.
returning [in10se] for TicketDBPassword at
/usr/local/lib/perl5/site_perl/5.005/
Apache/AuthTicket.pm line 104.
<< DESTROY CALLED >> at
/usr/local/lib/perl5/site_perl/5.005/Apache/AuthTicket.pm line 227.
---snip---
here is the relevant portion of my httpd.conf file:
---snip---
## set AuthTicket defaults
##
PerlModule Apache::AuthTicket
PerlSetVar FtpFuTicketDB DBI:Pg:dbname=ftpfudb
PerlSetVar FtpFuTicketDBUser ftpfu
PerlSetVar FtpFuTicketDBPassword mypass
PerlSetVar FtpFuTicketTable tickets:ticket_hash:ts
PerlSetVar FtpFuTicketUserTable users:username:passwd
PerlSetVar FtpFuTicketPasswordStyle cleartext
PerlSetVar FtpFuTicketSecretTable ticketsecrets:sec_version:sec_data
PerlSetVar FtpFuTicketExpires 15
PerlSetVar FtpFuTicketLogoutURI /authorized/ftpfu.cgi
PerlSetVar FtpFuTicketLoginHandler /ftpfulogin
PerlSetVar FtpFuTicketIdleTimeout 1
PerlSetVar FtpFuPath /
PerlSetVar FtpFuDomain .compt.com
PerlSetVar FtpFuSecure 1
PerlSetVar FtpFuLoginScript /ftpfuloginform
## set access restrictions
##
<Location /authorized>
AuthType Apache::AuthTicket
AuthName FtpFu
PerlAuthenHandler Apache::AuthTicket->authenticate
PerlAuthzHandler Apache::AuthTicket->authorize
require valid-user
</Location>
## how to display login and logout forms
##
<Location /ftpfuloginform>
AuthType Apache::AuthTicket
AuthName FtpFu
SetHandler perl-script
PerlHandler Apache::AuthTicket->login_screen
</Location>
<Location /ftpfulogin>
AuthType Apache::AuthTicket
AuthName FtpFu
SetHandler perl-script
PerlHandler Apache::AuthTicket->login
</Location>
<Location /authorized/logout>
AuthType Apache::AuthTicket
AuthName FtpFu
SetHandler perl-script
PerlHandler Apache::AuthTicket->logout
</Location>
---snip---
i've set up a postgresql database with the appropriate tables and
permissios. this script can access this database without any difficulty:
---snip---
#!/usr/bin/perl
use DBI;
my $dbh=DBI->connect('DBI:Pg:dbname=foodb', 'foouser', 'foopasswd')
or die "couldn't connect: " . DBI->errstr;
$dbh->disconnect;
---snip---
when i try to access the 'authorized/' portion of the site i get the
login page. when i submit a blank login form, i get the above httpd
error log. if i fill it in, i also get that error log. at no time am i
prompted to set a cookie (mozilla is set to ask if i want to allow cookies).
another thing to note is that i've got two versions of perl installed.
the original 5.005 which came with freebsd, and an updated one which i
got from CPAN. @INC shows:
/usr/local/lib/perl5/5.6.1/i386-freebsd
/usr/local/lib/perl5/5.6.1
/usr/local/lib/perl5/site_perl/5.6.1/i386-freebsd
/usr/local/lib/perl5/site_perl/5.6.1
/usr/local/lib/perl5/site_perl/5.005/i386-freebsd
/usr/local/lib/perl5/site_perl/5.005
/usr/local/lib/perl5/site_perl
so, i'm hoping that's not the problem.
can anyone help me out with this difficulty?
thanks,
twkonefal
Re: problems with Apache::AuthTicket
Posted by Michael Schout <ms...@gkg.net>.
Tomasz Konefal wrote:
> PerlSetVar FtpFuTicketSecretTable ticketsecrets:sec_version:sec_data
> PerlSetVar FtpFuTicketExpires 15
> PerlSetVar FtpFuTicketLogoutURI /authorized/ftpfu.cgi
> PerlSetVar FtpFuTicketLoginHandler /ftpfulogin
> PerlSetVar FtpFuTicketIdleTimeout 1
> PerlSetVar FtpFuPath /
> PerlSetVar FtpFuDomain .compt.com
> PerlSetVar FtpFuSecure 1
> PerlSetVar FtpFuLoginScript /ftpfuloginform
A few things that might cause this:
1) Did you remember to create a secret key in table "ticketsecrets"?
2) Are you accessing the forms using HTTPS (NOT HTTP)? You need to use
HTTPS if ${AuthName}Secure is true (which it is above).
3) Make sure FtpFuDomain matches the hostname you are accessing.
Everything else looks fine as far as I can tell.
Mike