You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Jeff Sheffield <js...@buzzard.kdi.com> on 2001/01/05 21:48:12 UTC
mod_perl 1.24_01 Cookie Problem..?? Was: Apache::AuthCookieDBI BEGIN problems...??
Ok switching parameter order from this
> PerlModule Apache::AuthCookieDBI
> PerlSetVar WhatEverDBI_SecretKeyFile /www/domain.com/test.key
to
PerlSetVar WhatEverDBI_SecretKeyFile /opt/apache/whiteboard.net/80/conf/WhatEver
PerlModule Apache::AuthCookieDBI
did fix the problem that DBI_SecretKeyFile was not getting read.
Thanks Jacob.
Now everything seems to work correctly except the
actual cookie is not being set.
Note: I have PerlSetVar AuthCookieDebug 3 and I am seeing this in the
logs.
--------
[Fri Jan 5 13:57:49 2001] [error] credential_0 jeff
[Fri Jan 5 13:57:49 2001] [error] credential_1 foobarbazz
[Fri Jan 5 13:57:50 2001] [error] Set-Cookie Apache::AuthCookieDBI_WhatEver=jeff:2001-01-05-13-57-50:2001-01-05-14-02-50:fc917dfdb5915a47a85309f716bf715b;
path=/; domain=.jeff
[Fri Jan 5 13:57:50 2001] [error] auth_type Apache::AuthCookieDBI
[Fri Jan 5 13:57:50 2001] [error] auth_name WhatEver
[Fri Jan 5 13:57:50 2001] [error] ses_key_cookie
[Fri Jan 5 13:57:50 2001] [error] uri /mailing-list
[Fri Jan 5 14:18:07 2001] [error] auth_type Apache::AuthCookieDBI
[Fri Jan 5 14:18:07 2001] [error] auth_name WhatEver
[Fri Jan 5 14:18:07 2001] [error] ses_key_cookie
[Fri Jan 5 14:18:07 2001] [error] uri /mailing-list
------
Also note: I added the Set-Cookie log info so that you could see what cookie
I am passing.
Is that an invalid formatt..??
I saw James's email
>Specifically, my perl scripts before mod_perl would pass a cookie back
>and forth with the users name and password - so that each script, when
>called, would check for the cookie to see if the user is logged in and if not
>redirect to a login page, if they are logged in then display the
>requested page.
>Now that I have mod_perl installed I cannot pass any cookies like I
>used to. I have not changed any scripts [yet] and all use DBI connections to a
>postgres DB.
>I looked through the guide and searched the maillist archive but did
>not find much info to help with this.
>I also tried to install Apache::AuthCookieDBI, but documentation is
>very limited for that and never could get it right.
and that got me to thinking maby this is a mod_perl 1.24_01 problem.
because I am experiencing the same sort of thing.
Jeff
On Thu, Jan 04, 2001 at 04:06:01PM -0800, Jacob Davies wrote:
> On Wed, Jan 03, 2001 at 12:02:15AM -0600, Jeff Sheffield wrote:
> > I am ashamed ... I twitled with the shiny bits.
> > my $auth_name = "WhatEver";
> > $SECRET_KEYS{ $auth_name } = "thisishtesecretkeyforthisserver";
> > ### END MY DIRTY HACK
> > Note that without MY DIRTY LITTLE HACK it does not set those two
> > variables. I am/was pretty sure that this somehow relates to
> > "StackedHandlers"
>
> I believe the problem is a known documentation bug with the module. I need
> to fix the docs and make a new release (have been meaning to for, oh,
> five months now) but I no longer work at the place that originally paid
> me to write the module and haven't had a chance so far. I have a few other
> patches to integrate too. I believe your specific problem stems
> from having the:
>
> PerlModule Apache::AuthCookieDBI
>
> line before the
>
> PerlSetVar WhatEverDBI_SecretKeyFile /www/domain.com/test.key
>
> line in the server config file. Yes, the documentation has it the wrong
> way around. The reason is that the server reads this configuration
> directive at module load time (i.e. with PerlModule, at server start time
> when it's still running as root) so that it can preload the secret keys
> from files on disk. You want those files to be root-owned and only
> readable by root, which is why it does it at start time. Try putting
> all your DBI_SecretKeyFile directives before the PerlModule line and
> see if that fixes your problem.
>
> It should give better diagnostics when this problem comes up, I need to
> fix that. Right now I don't even have this module running anywhere, but
> I will install it again on my home machine at least, for testing.
>
> Hopefully I will have a new release and an announce notice for this out
> soon.
>
> --
> Jacob Davies
> jacob@well.com
Thanks,
Jeff
---------------------------------------------------
| "0201: Keyboard Error. Press F1 to continue." |
| -- IBM PC-XT Rom, 1982 |
---------------------------------------------------
| Jeff Sheffield |
| jeff@jspot.org |
| AIM=JeffShef |
---------------------------------------------------