[Melbourne-pm] mod_perl and apache authentication

Mon Aug 25 22:59:15 PDT 2008

Hi everyone,

I am trying to write a test mod_perl authentication mechanism (for mod_perl 
1.29), but my PerlAuthenHandler does not seem to be called (although my 
PerlAccessHandler *does* get called, and I can force the browser to send 
credentials by returning AUTH_REQUIRED from that).

I only have access to the .htaccess to configure this (for now), and I suspect 
that the LDAP authentication already configured in the httpd.conf is 
interfering with my ability to call my PerlAuthenHandler.  Is it the case 
that only one module can handle 'authentication' for a location (even if more 
than one can be run for 'access')?

Simplified version of code is below:

.htaccess:
---------------------

PerlRequire /path/to/lib/My/Access.pm
PerlRequire /path/to/lib/My/Authen.pm

AuthName Test
AuthType Basic
PerlAccessHandler My::Access->handler
PerlAuthenHandler My::Authen->handler
Require valid-user
Order deny,allow
Deny from all

My/Access.pm
---------------------

package My::Access;

use strict;
use warnings;

use Apache::Constants qw(:common);

sub handler ($$) {
    my ($class, $r) = @_;
    warn "My::Access::handler called";  # appears in logfile
    # this return value is temporary while testing!!
    return AUTH_REQUIRED;
}

My/Authen.pm
---------------------

package My::Authen;

use strict;
use warnings;

use Apache::Constants (:common);

sub handler ($$) {
    my ($class, $r) = @_;
    warn "My::Authen::handler called";  # does not appear in logfile
    return OK;
}

---------------------

Thanks in advance for any help or tips you can give.

-- 
Gary