You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Charlie Katz <ck...@cfa.harvard.edu> on 2006/08/22 21:37:28 UTC

use mod_info and mod_status via mod_perl?

Hi All,

I would like to make the output of mod_info and mod_status available within my 
site, but I want to limit access to them by using my site's custom 
authorization scheme.  The usual

<Location /server-status>
  SetHandler server-status
  ...
  Allow from ...
</Location>

doesn't work for me because I don't want to control access based on URI, but 
rather the custom authorization level my site assigns when a user logs in.

After hacking around for a while I worked out something like the following.  
This can only be run by a user who has logged in to the site and has 
sufficient privileges:

my $subr = $r->lookup_uri('');
$subr->handler('server-status');
$subr->run;

This seems straightforward enough (and it works), but I am bothered by using 
lookup_uri() when I don't actually care what the URI is.  Is there a more 
direct way to do what I want?

Regards,
Charlie

-- 
Charlie Katz
Harvard-Smithsonian Center for Astrophysics
ckatz@cfa.harvard.edu

Re: use mod_info and mod_status via mod_perl?

Posted by Charlie Katz <ck...@cfa.harvard.edu>.

On Tuesday 22 August 2006 4:14 pm, Michael Peters wrote:
> > I have just been assuming that one can't use Perl*Handler directives
> > unless using "SetHandler perl-script".  Can I still set a
> > PerlAuth*Handler in a <Location> if I have "SetHandler server-status"
> > there?  Hmm...
>
> Yes. SetHandler sets the response handler not anything else.
> As long as your auth* is in modules that will work as PerlAuth*Handlers
> then you're good to go.


Alright then.  I just knew I was missing something simple.  Thanks for the 
help.

Charlie

-- 
Charlie Katz
Harvard-Smithsonian Center for Astrophysics
ckatz@cfa.harvard.edu

Re: use mod_info and mod_status via mod_perl?

Posted by Michael Peters <mp...@plusthree.com>.

Charlie Katz wrote:

> I did this because I don't understand how to use server configuration 
> directives to get the request to pass first through my perl code for 
> auth*tion, then have the response generated by mod_status.
> 
> Unless...
> 
> I have just been assuming that one can't use Perl*Handler directives unless 
> using "SetHandler perl-script".  Can I still set a PerlAuth*Handler in a 
> <Location> if I have "SetHandler server-status" there?  Hmm...

Yes. SetHandler sets the response handler not anything else.
As long as your auth* is in modules that will work as PerlAuth*Handlers then
you're good to go. If you do something custom then you'll have to change it or
keep using subrequests.

-- 
Michael Peters
Developer
Plus Three, LP

Re: use mod_info and mod_status via mod_perl?

Posted by Charlie Katz <ck...@cfa.harvard.edu>.

Thanks for the reply.

Yeah, this is what I'm worried about, that I'm missing something really 
simple.

I think I'm basically doing what you suggest; the request passes through my 
perl code that performs the authorization checks, and if they are satisfied, 
my code then calls mod_status via the (awkward) subrequest I described.

I did this because I don't understand how to use server configuration 
directives to get the request to pass first through my perl code for 
auth*tion, then have the response generated by mod_status.

Unless...

I have just been assuming that one can't use Perl*Handler directives unless 
using "SetHandler perl-script".  Can I still set a PerlAuth*Handler in a 
<Location> if I have "SetHandler server-status" there?  Hmm...

Charlie

On Tuesday 22 August 2006 3:44 pm, you wrote:
> Charlie Katz wrote:
> > On Tuesday 22 August 2006 3:37 pm, Charlie Katz wrote:
> >> <Location /server-status>
> >>   SetHandler server-status
> >>   ...
> >>   Allow from ...
> >> </Location>
> >>
> >> doesn't work for me because I don't want to control access based on URI,
> >> but rather the custom authorization level my site assigns when a user
> >> logs in.
> >
> > Oops, I meant to say "... because I don't want to control access based on
> > IP address, but rather ..."
>
> I'm confused as to yhy can't you just the custom auth you already have?
> Just use PerlAuth*Handler directives.

-- 
Charlie Katz
Harvard-Smithsonian Center for Astrophysics
ckatz@cfa.harvard.edu

Re: use mod_info and mod_status via mod_perl?

Posted by Michael Peters <mp...@plusthree.com>.


Charlie Katz wrote:
> On Tuesday 22 August 2006 3:37 pm, Charlie Katz wrote:
>> <Location /server-status>
>>   SetHandler server-status
>>   ...
>>   Allow from ...
>> </Location>
>>
>> doesn't work for me because I don't want to control access based on URI,
>> but rather the custom authorization level my site assigns when a user logs
>> in.
> 
> Oops, I meant to say "... because I don't want to control access based on IP 
> address, but rather ..."

I'm confused as to yhy can't you just the custom auth you already have? Just use
PerlAuth*Handler directives.

-- 
Michael Peters
Developer
Plus Three, LP

Re: use mod_info and mod_status via mod_perl?

Posted by Charlie Katz <ck...@cfa.harvard.edu>.

On Tuesday 22 August 2006 3:37 pm, Charlie Katz wrote:
> <Location /server-status>
>   SetHandler server-status
>   ...
>   Allow from ...
> </Location>
>
> doesn't work for me because I don't want to control access based on URI,
> but rather the custom authorization level my site assigns when a user logs
> in.

Oops, I meant to say "... because I don't want to control access based on IP 
address, but rather ..."

Charlie

-- 
Charlie Katz
Harvard-Smithsonian Center for Astrophysics
ckatz@cfa.harvard.edu