perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Helmut Zeilinger <h.zeilin...@envirotex.de>
Subject Re: mod_perl 2 and Apache::AuthCookie
Date Fri, 09 May 2003 07:06:41 GMT
Ok,

"diff -u AuthCookie.pm AuthCookieNew.pm":

<DIFF>

--- AuthCookie.pm	2003-05-09 08:30:50.000000000 +0200
+++ AuthCookieNew.pm	2003-05-09 08:28:40.000000000 +0200
@@ -1,12 +1,13 @@
-package Apache::AuthCookie;
+package Apache::AuthCookieNew;

 use strict;

 use Carp;
 use mod_perl qw(1.07 StackedHandlers MethodHandlers Authen Authz);
-use Apache::Constants qw(:common M_GET FORBIDDEN REDIRECT);
+use Apache::Constants qw(:common M_GET FORBIDDEN REDIRECT HTTP_FORBIDDEN);
 use Apache::AuthCookie::Util;
 use Apache::Util qw(escape_uri);
+use Apache::RequestRec;
 use vars qw($VERSION);

 # $Id: AuthCookie.pm,v 2.39 2002/09/25 16:44:31 mschout Exp $
@@ -17,16 +18,16 @@
   my $debug = $r->dir_config("AuthCookieDebug") || 0;
   my ($auth_type, $auth_name) = ($r->auth_type, $r->auth_name);
   return unless $auth_type && $auth_name;
-  return unless $r->header_in('Cookie');
+  return unless $r->headers_in->{'Cookie'};

-  my ($cookie) = $r->header_in('Cookie') =~ 
/${auth_type}_${auth_name}=([^;]+)/;
+  my ($cookie) = $r->headers_in->{'Cookie'} =~ 
/${auth_type}_${auth_name}=([^;]+)/;
   $r->log_error("cookie ${auth_type}_${auth_name} is $cookie") if $debug 
>= 2;
   return unless $cookie;

   my ($user,@args) = $auth_type->authen_ses_key($r, $cookie);
   if ($user and scalar @args == 0) {
     $r->log_error("user is $user") if $debug >= 2;
-    $r->connection->user($user);
+    $r->user($user);
   } elsif (scalar @args > 0 and $auth_type->can('custom_errors')) {
     return $auth_type->custom_errors($r, $user, @args);
   }
@@ -105,9 +106,9 @@

   unless ($r->dir_config("${auth_name}Cache")) {
     $r->no_cache(1);
-    $r->err_header_out("Pragma" => "no-cache");
+    $r->err_headers_out->{"Pragma"} = "no-cache";
   }
-  $r->header_out("Location" => $args{'destination'});
+  $r->headers_out->{"Location"} = $args{'destination'};
   return REDIRECT;
 }

@@ -122,16 +123,16 @@
                                   key     => "$auth_type\_$auth_name",
                                   value   => '',
                                   expires => 'Mon, 21-May-1971 00:00:00 
GMT' );
-  $r->err_headers_out->add("Set-Cookie" => "$str");
-  $r->log_error("set_cookie " . $r->err_header_out("Set-Cookie")) if 
$debug >= 2;
+  $r->err_headers_out->add("Set-Cookie", "$str");
+  $r->log_error("set_cookie " . $r->err_headers_out->{"Set-Cookie"}) if 
$debug >= 2;
   unless ($r->dir_config("${auth_name}Cache")) {
     $r->no_cache(1);
-    $r->err_header_out("Pragma" => "no-cache");
+    $r->err_headers_out->{"Pragma"} = "no-cache";
   }

   #my %args = $r->args;
   #if (exists $args{'redirect'}) {
-  #  $r->err_header_out("Location" => $args{'redirect'});
+  #  $r->err_headers_out->{"Location"} = $args{'redirect'};
   #  return REDIRECT;
   #} else {
   #  $r->status(200);
@@ -165,10 +166,10 @@

   # Get the Cookie header. If there is a session key for this realm, strip
   # off everything but the value of the cookie.
-  my ($ses_key_cookie) = ($r->header_in("Cookie") || "") =~ 
/$auth_type\_$auth_name=([^;]+)/;
+  my ($ses_key_cookie) = ($r->headers_in->{"Cookie"} || "") =~ 
/$auth_type\_$auth_name=([^;]+)/;
   $ses_key_cookie = "" unless defined($ses_key_cookie);

-  $r->log_error("ses_key_cookie " . $ses_key_cookie) if ($debug >= 1);
+  $r->log_error("(authenticate) ses_key_cookie " . $ses_key_cookie) if 
($debug >= 1);
   $r->log_error("uri " . $r->uri) if ($debug >= 2);

   if ($ses_key_cookie) {
@@ -179,8 +180,9 @@
       # Tell the rest of Apache what the authentication method and
       # user is.

-      $r->connection->auth_type($auth_type);
-      $r->connection->user($auth_user);
+#      $r->connection->auth_type($auth_type);
+      $r->auth_type($auth_type);
+      $r->user($auth_user);
       $r->log_error("user authenticated as $auth_user") if $debug >= 1;

       return OK;
@@ -197,8 +199,8 @@
         value   => '',
         expires => 'Mon, 21-May-1971 00:00:00 GMT'
       );
-      $r->err_headers_out->add("Set-Cookie" => "$str");
-      $r->log_error("set_cookie " . $r->err_header_out("Set-Cookie")) if 
$debug >= 2;
+      $r->err_headers_out->add("Set-Cookie","$str");
+      $r->log_error("set_cookie " . $r->err_headers_out->{"Set-Cookie"}) 
if $debug >= 2;
       $r->subprocess_env('AuthCookieReason', 'bad_cookie');
     }
   } else {
@@ -228,10 +230,11 @@
     $r->log_reason("PerlSetVar '${auth_name}LoginScript' not set", 
$r->uri);
     return SERVER_ERROR;
   }
-  #$r->log_error("Redirecting to $authen_script");
+  $r->log_error("Redirecting to $authen_script");
   $r->custom_response(FORBIDDEN, $authen_script);
+#  $r->custom_response(FORBIDDEN, 'Not allowed');

-  return FORBIDDEN;
+  return HTTP_FORBIDDEN;
 }

 sub satisfy_is_valid {
@@ -266,7 +269,7 @@

   my $reqs_arr = $r->requires or return DECLINED;

-  my $user = $r->connection->user;
+  my $user = $r->user;
   unless ($user) {
     # user is either undef or =0 which means the authentication failed
     $r->log_reason("No user authenticated", $r->uri);
@@ -327,10 +330,10 @@

   # add P3P header if user has configured it.
   if (my $p3p = $r->dir_config("${auth_name}P3P")) {
-    $r->err_header_out(P3P => $p3p);
+    $r->err_headers_out->{'P3P'} = $p3p;
   }

-  $r->err_headers_out->add("Set-Cookie" => $cookie);
+  $r->err_headers_out->add ("Set-Cookie", $cookie);
 }


@@ -379,7 +382,7 @@
   my $self = shift;
   my $r = Apache->request;

-  my $allcook = ($r->header_in("Cookie") || "");
+  my $allcook = ($r->headers_in->{"Cookie"} || "");
   my ($type, $name) = ($r->auth_type, $r->auth_name);
   return ($allcook =~ /(?:^|\s)${type}_$name=([^;]*)/)[0];
 }
</DIFF>


Helmut


--On Friday, May 09, 2003 16:58:55 +1000 Stas Bekman <stas@stason.org> 
wrote:

> Dr. Helmut Zeilinger wrote:
>> Hi,
>>
>> some time ago i made the AuthCookie (Version 3.04) working under mp2
>> without
>> the "use compat" statement - for me.
>>
>> Below is the output of "diff AuthCookie.pm AuthCookieNew.pm":
>> (AuthCookieNew.pm is the changed one)
>>
>> Because i am currently not using this module, i do not know, if it still
>> works
>> - it should - and if there is a never version of the module, which may
>> be work under
>> mp2 unmodified - plaese check this!
>>
>> Of course this may not be perfect, it is only an idea, what to change
>> according to the
>> porting manual, that Perring mentioned.
>
> Can you please repost the diff in a unified form? that's the preferred
> way to submit patches. It's also incredibly hard to understand
> non-unified patches. On most systems you can achieve that with the -u
> flag:
>
> diff -u AuthCookie.pm AuthCookieNew.pm
>
> Also most important: please CC the module's authors since only he can
> apply this patch.






Mime
View raw message