You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Jeff Sheffield <js...@buzzard.kdi.com> on 2001/01/03 07:02:15 UTC
Apache::AuthCookieDBI BEGIN problems...??
Well been racking my brain against this one for awhile now..
so I figured that I would reach-out for some help ;)
First let me say....
I am ashamed ... I twitled with the shiny bits.
the following code in the Apache::AuthCookieDBI module
does not work properly (for me).
-- code --
BEGIN {
my @keyfile_vars = grep {
$_ =~ /DBI_SecretKeyFile$/ } keys %{ Apache->server->dir_config() };
foreach my $keyfile_var ( @keyfile_vars ) {
my $keyfile = Apache->server->dir_config( $keyfile_var );
my $auth_name = $keyfile_var;
$auth_name =~ s/DBI_SecretKeyFile$//;
unless ( open( KEY, "<$keyfile" ) ) {
Apache::log_error( "Could not open keyfile for $auth_name in file $keyfile" );
} else {
$SECRET_KEYS{ $auth_name } = <KEY>;
close KEY;
}
}
### MY DIRTY HACK
my $auth_name = "WhatEver";
$SECRET_KEYS{ $auth_name } = "thisishtesecretkeyforthisserver";
### END MY DIRTY HACK
}
-- end code --
Note that without MY DIRTY LITTLE HACK it does not set those two
variables. I am/was pretty sure that this somehow relates to
"StackedHandlers"
but
I built mod_perl statically with ALL_HOOKS=1 EVERYTHING=1
it is Apache/1.3.14 (Unix) mod_perl/1.24_01 configured
So after I set MY DIRTY LITTLE HACK. Things chug right along
i bind to the database I authenticate against the db.
until I/the module tries to set_cookie in the form
Set-Cookie: Apache::AuthCookieDBI_WhatEver=jeff:2001-01-02-23-07-10:2001-01-02-23-12-10:2f8e147086c88e6771ac6751b5a1f25d;
path=/; domain=.jeff
So that makes me wonder if Date::Calc is installed correctly.
i.e. he module uses Date::Calc. also note that it installed fine.
I figured that the cookie problem could be a side effect of the
firt problem I mentioned.
ahh yes my config file is here for anyone who is intrested
Any clue's..??
Thanks,
Jeff
---------------------------------------------------------------------
| Gender Diff's |
| THOUGHT FOR THE DAY: Any married man should forget his mistakes. |
| There's no use in two people remembering the same thing. |
| |
| --Anonymous |
---------------------------------------------------------------------
| Jeff Sheffield |
| jeff@jspot.org |
| AIM=JeffShef |
---------------------------------------------------------------------
mod_perl 1.24_01 Cookie Problem..?? Was: Apache::AuthCookieDBI BEGIN problems...??
Posted by Jeff Sheffield <js...@buzzard.kdi.com>.
Ok switching parameter order from this
> PerlModule Apache::AuthCookieDBI
> PerlSetVar WhatEverDBI_SecretKeyFile /www/domain.com/test.key
to
PerlSetVar WhatEverDBI_SecretKeyFile /opt/apache/whiteboard.net/80/conf/WhatEver
PerlModule Apache::AuthCookieDBI
did fix the problem that DBI_SecretKeyFile was not getting read.
Thanks Jacob.
Now everything seems to work correctly except the
actual cookie is not being set.
Note: I have PerlSetVar AuthCookieDebug 3 and I am seeing this in the
logs.
--------
[Fri Jan 5 13:57:49 2001] [error] credential_0 jeff
[Fri Jan 5 13:57:49 2001] [error] credential_1 foobarbazz
[Fri Jan 5 13:57:50 2001] [error] Set-Cookie Apache::AuthCookieDBI_WhatEver=jeff:2001-01-05-13-57-50:2001-01-05-14-02-50:fc917dfdb5915a47a85309f716bf715b;
path=/; domain=.jeff
[Fri Jan 5 13:57:50 2001] [error] auth_type Apache::AuthCookieDBI
[Fri Jan 5 13:57:50 2001] [error] auth_name WhatEver
[Fri Jan 5 13:57:50 2001] [error] ses_key_cookie
[Fri Jan 5 13:57:50 2001] [error] uri /mailing-list
[Fri Jan 5 14:18:07 2001] [error] auth_type Apache::AuthCookieDBI
[Fri Jan 5 14:18:07 2001] [error] auth_name WhatEver
[Fri Jan 5 14:18:07 2001] [error] ses_key_cookie
[Fri Jan 5 14:18:07 2001] [error] uri /mailing-list
------
Also note: I added the Set-Cookie log info so that you could see what cookie
I am passing.
Is that an invalid formatt..??
I saw James's email
>Specifically, my perl scripts before mod_perl would pass a cookie back
>and forth with the users name and password - so that each script, when
>called, would check for the cookie to see if the user is logged in and if not
>redirect to a login page, if they are logged in then display the
>requested page.
>Now that I have mod_perl installed I cannot pass any cookies like I
>used to. I have not changed any scripts [yet] and all use DBI connections to a
>postgres DB.
>I looked through the guide and searched the maillist archive but did
>not find much info to help with this.
>I also tried to install Apache::AuthCookieDBI, but documentation is
>very limited for that and never could get it right.
and that got me to thinking maby this is a mod_perl 1.24_01 problem.
because I am experiencing the same sort of thing.
Jeff
On Thu, Jan 04, 2001 at 04:06:01PM -0800, Jacob Davies wrote:
> On Wed, Jan 03, 2001 at 12:02:15AM -0600, Jeff Sheffield wrote:
> > I am ashamed ... I twitled with the shiny bits.
> > my $auth_name = "WhatEver";
> > $SECRET_KEYS{ $auth_name } = "thisishtesecretkeyforthisserver";
> > ### END MY DIRTY HACK
> > Note that without MY DIRTY LITTLE HACK it does not set those two
> > variables. I am/was pretty sure that this somehow relates to
> > "StackedHandlers"
>
> I believe the problem is a known documentation bug with the module. I need
> to fix the docs and make a new release (have been meaning to for, oh,
> five months now) but I no longer work at the place that originally paid
> me to write the module and haven't had a chance so far. I have a few other
> patches to integrate too. I believe your specific problem stems
> from having the:
>
> PerlModule Apache::AuthCookieDBI
>
> line before the
>
> PerlSetVar WhatEverDBI_SecretKeyFile /www/domain.com/test.key
>
> line in the server config file. Yes, the documentation has it the wrong
> way around. The reason is that the server reads this configuration
> directive at module load time (i.e. with PerlModule, at server start time
> when it's still running as root) so that it can preload the secret keys
> from files on disk. You want those files to be root-owned and only
> readable by root, which is why it does it at start time. Try putting
> all your DBI_SecretKeyFile directives before the PerlModule line and
> see if that fixes your problem.
>
> It should give better diagnostics when this problem comes up, I need to
> fix that. Right now I don't even have this module running anywhere, but
> I will install it again on my home machine at least, for testing.
>
> Hopefully I will have a new release and an announce notice for this out
> soon.
>
> --
> Jacob Davies
> jacob@well.com
Thanks,
Jeff
---------------------------------------------------
| "0201: Keyboard Error. Press F1 to continue." |
| -- IBM PC-XT Rom, 1982 |
---------------------------------------------------
| Jeff Sheffield |
| jeff@jspot.org |
| AIM=JeffShef |
---------------------------------------------------
Re: Apache::AuthCookieDBI BEGIN problems...??
Posted by Jacob Davies <ja...@well.com>.
On Wed, Jan 03, 2001 at 12:02:15AM -0600, Jeff Sheffield wrote:
> I am ashamed ... I twitled with the shiny bits.
> my $auth_name = "WhatEver";
> $SECRET_KEYS{ $auth_name } = "thisishtesecretkeyforthisserver";
> ### END MY DIRTY HACK
> Note that without MY DIRTY LITTLE HACK it does not set those two
> variables. I am/was pretty sure that this somehow relates to
> "StackedHandlers"
I believe the problem is a known documentation bug with the module. I need
to fix the docs and make a new release (have been meaning to for, oh,
five months now) but I no longer work at the place that originally paid
me to write the module and haven't had a chance so far. I have a few other
patches to integrate too. I believe your specific problem stems
from having the:
PerlModule Apache::AuthCookieDBI
line before the
PerlSetVar WhatEverDBI_SecretKeyFile /www/domain.com/test.key
line in the server config file. Yes, the documentation has it the wrong
way around. The reason is that the server reads this configuration
directive at module load time (i.e. with PerlModule, at server start time
when it's still running as root) so that it can preload the secret keys
from files on disk. You want those files to be root-owned and only
readable by root, which is why it does it at start time. Try putting
all your DBI_SecretKeyFile directives before the PerlModule line and
see if that fixes your problem.
It should give better diagnostics when this problem comes up, I need to
fix that. Right now I don't even have this module running anywhere, but
I will install it again on my home machine at least, for testing.
Hopefully I will have a new release and an announce notice for this out
soon.
--
Jacob Davies
jacob@well.com
Re: Apache::AuthCookieDBI BEGIN problems...??
Posted by Jeff Sheffield <js...@buzzard.kdi.com>.
> ahh yes my config file is here for anyone who is intrested
oopse
http://www.jspot.org/jeff/temp/custom.after
Thanks,
Jeff
---------------------------------------------------------------------
| Gender Diff's |
| THOUGHT FOR THE DAY: Any married man should forget his mistakes. |
| There's no use in two people remembering the same thing. |
| |
| --Anonymous |
---------------------------------------------------------------------
| Jeff Sheffield |
| jeff@jspot.org |
| AIM=JeffShef |
---------------------------------------------------------------------