Return-Path: Delivered-To: apmail-perl-modperl-archive@www.apache.org Received: (qmail 7976 invoked from network); 21 May 2008 14:26:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 21 May 2008 14:26:54 -0000 Received: (qmail 79236 invoked by uid 500); 21 May 2008 14:26:49 -0000 Delivered-To: apmail-perl-modperl-archive@perl.apache.org Received: (qmail 79220 invoked by uid 500); 21 May 2008 14:26:49 -0000 Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list modperl@perl.apache.org Received: (qmail 79209 invoked by uid 99); 21 May 2008 14:26:49 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 May 2008 07:26:49 -0700 X-ASF-Spam-Status: No, hits=1.4 required=10.0 tests=SPF_NEUTRAL,WHOIS_MYPRIVREG X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [207.5.72.95] (HELO EXHUB015-3.exch015.msoutlookonline.net) (207.5.72.95) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 May 2008 14:26:03 +0000 Received: from philip.hq.rws (74.93.213.161) by smtpx15.msoutlookonline.net (207.5.72.103) with Microsoft SMTP Server (TLS) id 8.1.263.0; Wed, 21 May 2008 07:26:17 -0700 Message-ID: <48343108.8080008@p6m7g8.com> Date: Wed, 21 May 2008 10:26:16 -0400 From: "Philip M. Gollucci" Organization: P6M7G8 Consulting User-Agent: Thunderbird 2.0.0.12 (X11/20080414) MIME-Version: 1.0 To: fof CC: modperl@perl.apache.org Subject: Re: PerlAuthenHandler and ErrorDocument 401 References: <17330888.post@talk.nabble.com> <200805201018.20591.torsten.foertsch@gmx.net> <17353562.post@talk.nabble.com> <17353912.post@talk.nabble.com> <200805210755.24080.torsten.foertsch@gmx.net> <17356582.post@talk.nabble.com> In-Reply-To: <17356582.post@talk.nabble.com> X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset="ISO-8859-1"; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 | I have uploaded my MyAuthenHandler.pm and the modules it relies on for | configuration perhaps if you have time you could peruse the code and let me | know if I am doing anything wrong for this type of operation. | | Thanks again for your help on this. | | http://www.nabble.com/file/p17356582/MyAuthenHandler.pm MyAuthenHandler.pm | http://www.nabble.com/file/p17356582/MyModPerlUtility.pm MyModPerlUtility.pm | http://www.nabble.com/file/p17356582/MyModPerlDBUtility.pm | MyModPerlDBUtility.pm In my experience and a few others on the list if you search the archives, its almost never worth it to override with something unless you don't have any 'assets' being served from this server which is an advisable idea. Anyway, I think what you are after might be a fully baked AAA (3 httpd phases) More examples are on perl.apache.org Everything below is a snippet of a live site. vhosts-ssl/site.conf: - --------------------- ~ SetHandler modperl ~ AuthType Basic ~ AuthName "ISST" ~ Require valid-user ~ PerlAccessHandler ISST::Access ~ PerlAuthenHandler ISST::Authen ~ PerlResponseHandler ISST::Login vhosts/site.conf: - ----------------- RewriteEngine On RewriteRule ^/timeline/login https://%{SERVER_NAME}/timeline/login [L,R] PerlMapToStorageHandler ISST::MapToStorage ### AAA ~ AuthType Basic ~ AuthName "ISST" ~ Require valid-user ~ PerlAccessHandler ISST::Access ~ PerlAuthenHandler ISST::Authen ~ PerlAuthzHandler ISST::Authz ~ SetHandler modperl ~ PerlResponseHandler ISST::Login ISST/Access.pm: - --------------- package ISST::Access; use Apache2::RequestRec (); use Apache2::Const -compile => qw(DECLINED REDIRECT OK); use Apache2::Cookie (); sub handler { ~ my $r = shift; ~ return Apache2::Const::DECLINED if $r->uri =~ m#/timeline/(privacy|register)#; ~ .... ~ return Apache2::Const::OK; } ISST/Authen.pm: - --------------- package ISST::Authen; use Apache2::RequestRec (); use Apache2::Const -compile => qw(OK REDIRECT); use Apache2::Cookie (); sub handler { ~ my $r = shift; ~ ## can't used DECLINED or you get the REALM popup ~ return Apache2::Const::OK if $r->uri =~ m#/timeline/(login|logout|register|privacy)#; ~ if (ISST::User->getLoggedIn($r)) { ~ return Apache2::Const::OK; ~ } ~ else { ~ $r->note_basic_auth_failure; ~ $r->headers_out->set(Location => ISST::Const::URL_LOGIN); ~ return Apache2::Const::REDIRECT; ~ } } ISST/Authz.pm: - -------------- package ISST::Authz; use Apache2::RequestRec (); use Apache2::Const -compile => qw(DECLINED OK HTTP_UNAUTHORIZED); sub handler { ~ my $r = shift; ~ return Apache2::Const::DECLINED unless $r->uri =~ m#/timeline/(foo)#; ~ my $resource = $1; ~ my $user = ISST::User->getLoggedIn($r); ~ if ($user->isAllowed($resource)) { ~ return Apache2::Const::OK; ~ } ~ else { ~ return Apache2::Const::HTTP_UNAUTHORIZED; ~ } } ISST/MapToStorage.pm: - --------------------- package ISST::MapToStorage; use Apache2::RequestRec (); use Apache2::Const -compile => qw(DECLINED OK); sub handler { ~ my $r = shift; ~ return Apache2::Const::OK if $r->uri =~ m|/timeline|; ~ return Apache2::Const::DECLINED; } - -- - ------------------------------------------------------------------------ Philip M. Gollucci (philip@ridecharge.com) o:703.549.2050x206 Senior System Admin - Riderway, Inc. http://riderway.com / http://ridecharge.com 1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C Work like you don't need the money, love like you'll never get hurt, and dance like nobody's watching. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.8 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFINDEIdbiP+9ubjBwRAq31AJ9y7tGTBEvCdNWP11mWthol5RRTVQCdEvym w8yXkT7TpPCm81kKfDBrv1Q= =6jT8 -----END PGP SIGNATURE-----