httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@gmail.com>
Subject [users@httpd] "AuthUserFIle not specified error" with FastCGI authorizer via mod_fcgid
Date Thu, 08 Aug 2013 19:26:58 GMT
On Thu, Aug 8, 2013 at 11:27 AM, <zstrebly@roadrunner.com> wrote:

> I am using Perl code from an old book that refers to mod_fastcgi but I
> have mod_fcgid installed. I had to comment out some code ( before exit) and
> change Accept() to eliminate some errors in conf/error_log. However, I
> still get a 500 instead of what is desired and a message saying:
> AuthUserFile not specified in the configuration. As I understand it, the
> script should take its place.
> Thanks again.
>
>
I guess your script is getting called first and it does not successfully
authenticate the user and mod_authn_file is also configured but it fails
due to an incomplete configuration.

(somewhat of a guess; I don't see your configuration)

See
http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html#fcgidauthenticatorauthoritative

Set that to Off so that no other authenticators are called.


>
> #!/usr/bin/perl -Tw
> use strict;
> use FCGI;
> my $lives=1000;
> my $content="\nContent-type: text/plain\n\n";
> my %status=(
>         200 => "Status: 200 - OK". $content,
>         401 => "Status: 401 - Unauthorized".$content,
>         403 => "Status: 403 - Forbidden".$content
> );
> my $authfile="/usr/local/apache2/exmar/conf/passwd/passwords";
> my %password;
> unless (open USERS,$authfile) { die "Failed to open authfile - $!\n";}
> while (<USERS>) {
>         chomp;
>         my ($user,$cryptpw)=split /:/;
>         $password{$user}=$cryptpw;
> }
> close USERS;
>
> #-------------------------------------------------------------------------------------------------
> my $r = FCGI::Request(\*STDIN, \*STDOUT, \*STDERR);
> while ($r->Accept()>=0) {
>         foreach my $var (
>         'FCGI_ROLE', 'FCGI_APACHE_ROLE', 'SCRIPT_NAME',
>         'REMOTE_ADDR', 'REMOTE_USER', 'REMOTE_PASSWORD',
>         'REQUEST_URI'
>         ){ $ENV{$var}=~/(.*)/ and $ENV{$var}=$1 if exists $ENV{$var};}
>
> if ($ENV{FCGI_ROLE} eq 'AUTHORIZER') {
>         SWITCH: foreach ($ENV{FCGI_APACHE_ROLE}) {
>
>         /^ACCESS_CHECKER/ and access_checker_role(),last SWITCH;
>         /^AUTHENTICATOR/ and authenticator_role(),last SWITCH;
>         /^AUTHORIZER/  and authorizer_role(),last SWITCH;
>
>  }
> } else {
>         responder_role();
> }
> last unless $lives--;
> #last if -M $ENV{SCRIPT_NAME} < 0 ;-----------------------------
> #last if -M $ENV{$authfile} <  0 ;-----------------------------
> }
> exit 0;
>
> #---------------------------------------------------------------------------------------
> sub responder_role{
>         print $status{500},
>         "This is an authentication application!\n";
>         "Configuring it as a responder is a server error\n";
> }
> sub access_checker_role {
>         if ($ENV{REMOTE_ADDR} eq "::1") {
>         print $status{200};
> } else {
>         print $status{401};
>  }
> }
>
> #--------------------------------------------------------------------------------------------
> sub authenticator_role {
>
>         my $user=$ENV{REMOTE_USER};
>         my $sent_password=$ENV{REMOTE_PASSWORD};
>         if (defined($sent_password) and defined($user) and exists
> $password{$user}) {
>                 if (crypt $sent_password,$password{$user}) {
>                         print $status{200};
>                 } else {
>         }               print $status{401};
>
>         } else {
>             print $status{401};
>         }
> }
> sub authorizer_role {
>         my $user=$ENV{REMOTE_USER};
>
>         if ($ENV{REQUEST_URI}=~m|/$user/|) {
>                 print $status{200};
> } else {
>         print $status{401};
> }
> }
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


-- 
Born in Roswell... married an alien...
http://emptyhammock.com/

Mime
View raw message