perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Philip M. Gollucci" <pgollu...@p6m7g8.com>
Subject Re: PerlAuthenHandler and ErrorDocument 401
Date Wed, 21 May 2008 14:26:16 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

| I have uploaded my MyAuthenHandler.pm and the modules it relies on for
| configuration perhaps if you have time you could peruse the code and let me
| know if I am doing anything wrong for this type of operation.
|
| Thanks again for your help on this.
|
| http://www.nabble.com/file/p17356582/MyAuthenHandler.pm MyAuthenHandler.pm
| http://www.nabble.com/file/p17356582/MyModPerlUtility.pm MyModPerlUtility.pm
| http://www.nabble.com/file/p17356582/MyModPerlDBUtility.pm
| MyModPerlDBUtility.pm
In my experience and a few others on the list if you search the archives, its
almost never worth it to override <Location /> with something unless you don't
have any 'assets' being served from this server which is an advisable idea.

Anyway, I think what you are after might be a fully baked AAA (3 httpd phases)
More examples are on perl.apache.org

Everything below is a snippet of a live site.

vhosts-ssl/site.conf:
- ---------------------
<Location /timeline/login>
~            SetHandler modperl

~            AuthType Basic
~            AuthName "ISST"
~            Require valid-user

~            PerlAccessHandler ISST::Access
~            PerlAuthenHandler ISST::Authen

~            PerlResponseHandler ISST::Login
</Location>

vhosts/site.conf:
- -----------------
RewriteEngine On
RewriteRule  ^/timeline/login   https://%{SERVER_NAME}/timeline/login [L,R]

PerlMapToStorageHandler ISST::MapToStorage
### AAA
<Location /timeline>
~            AuthType Basic
~            AuthName "ISST"
~            Require valid-user

~            PerlAccessHandler ISST::Access
~            PerlAuthenHandler ISST::Authen
~            PerlAuthzHandler ISST::Authz
</Location>

<Location /timeline/login>
~            SetHandler modperl
~            PerlResponseHandler ISST::Login
</Location>

ISST/Access.pm:
- ---------------
package ISST::Access;
use Apache2::RequestRec ();
use Apache2::Const -compile => qw(DECLINED REDIRECT OK);
use Apache2::Cookie ();

sub handler {
~    my $r = shift;

~    return Apache2::Const::DECLINED
	if $r->uri =~ m#/timeline/(privacy|register)#;

~    ....

~    return Apache2::Const::OK;
}

ISST/Authen.pm:
- ---------------
package ISST::Authen;
use Apache2::RequestRec ();
use Apache2::Const -compile => qw(OK REDIRECT);
use Apache2::Cookie ();

sub handler {
~    my $r = shift;

~    ## can't used DECLINED or you get the REALM popup
~    return Apache2::Const::OK
	if $r->uri =~ m#/timeline/(login|logout|register|privacy)#;

~    if (ISST::User->getLoggedIn($r)) {
~        return Apache2::Const::OK;
~    }
~    else {
~        $r->note_basic_auth_failure;
~        $r->headers_out->set(Location => ISST::Const::URL_LOGIN);
~        return Apache2::Const::REDIRECT;
~    }
}

ISST/Authz.pm:
- --------------
package ISST::Authz;
use Apache2::RequestRec ();
use Apache2::Const -compile => qw(DECLINED OK HTTP_UNAUTHORIZED);

sub handler {
~    my $r = shift;

~    return Apache2::Const::DECLINED
	unless $r->uri =~ m#/timeline/(foo)#;

~    my $resource = $1;

~    my $user = ISST::User->getLoggedIn($r);

~    if ($user->isAllowed($resource)) {
~        return Apache2::Const::OK;
~    }
~    else {
~        return Apache2::Const::HTTP_UNAUTHORIZED;
~    }
}

ISST/MapToStorage.pm:
- ---------------------
package ISST::MapToStorage;
use Apache2::RequestRec ();
use Apache2::Const -compile => qw(DECLINED OK);

sub handler {
~    my $r = shift;

~    return Apache2::Const::OK if $r->uri =~ m|/timeline|;

~    return Apache2::Const::DECLINED;
}


- --
- ------------------------------------------------------------------------
Philip M. Gollucci (philip@ridecharge.com)
o:703.549.2050x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70  3F8C 75B8 8FFB DB9B 8C1C

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.8 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFINDEIdbiP+9ubjBwRAq31AJ9y7tGTBEvCdNWP11mWthol5RRTVQCdEvym
w8yXkT7TpPCm81kKfDBrv1Q=
=6jT8
-----END PGP SIGNATURE-----

Mime
View raw message