SPUG: mod_perl auth questions
El JoPe Magnifico
jope-spug at jope.net
Sat Jul 14 15:02:42 CDT 2001
I'm writing a mod_perl authentication handler, and have run across a
couple annoyances that don't seem to be covered in the eagle book or
any of the POD that I've read so far.
1. While processing most requests, handler() is being called three times.
The only exception has been when handler() returns early because no
username was provided. My only thought is that this is the result
of sub-requests being fired off somewhere under the hood.
2. I can set the user, but can't find any way to set the group(s) to which
the user belongs, which apparently is needed if "require valid-user"
is used, which in turn is necessary in order to use an authentication
handler. I've found two workarounds, but neither is perfect:
a. Add "AuthGroupFile /dev/null" to the configuration.
This adds an unwanted dependence on mod_auth though.
b. Use a no-op, i.e. $req->push_handlers(PerlAuthzHandler,\&OK).
This prevents me from falling through to the default authorization
routine in the Apache core. Right now this isn't a problem, so
this is what I'm using. But it just doesn't seem "correct".
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
Subscriptions; Email to majordomo at pm.org: ACTION LIST EMAIL
Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
For daily traffic, use spug-list for LIST ; for weekly, spug-list-digest
Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
More information about the spug-list