perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: setting a server variable
Date Sat, 14 Jun 2008 07:57:31 GMT

tyju tiui wrote:
> Hi,
> I'm new to mod_perl and I'm having some difficulty understanding a few things.
> I'd like to write an Apache module which authenticates a request based on the URL.
> I only want the module to deny invalid requests and allow valid requests to be processed
as normal.
> A more specific example would be like:
>     Request URL:
>     Module logic: if REALLY-SECURE-TOKEN is valid, allow the request to continue - else,
stop request with an error
>   External application logic: if request got here without error then
> find the file2download and write it to the output stream - else, show
> custom error
> I think the best way to do this is something like:
> 1) Write a module which evaluates the URL and places a variable in the request's scope

> 2)
> Use mod_rewrite to evaluate the newly set variable and pass execution
> to the proper place with any error code that might have been placed in
> the variable
With mod_perl, it might not be so complicated.
What you probably want is a PerlAccessHandler module.
This will check if the request URL is ok (valid token).
If it is, it returns Apache2::Const::OK, and Apache will continue 
processing the request (e.g., sending the file).
If the token is not ok, it returns Apache2::Const::FORBIDDEN, and Apache 
will (automatically) return an error page telling the user he is not 
allowed to do that.

Look there for an explanation and an example :

In your case, forget the Apache2::Connection and the IP-linked stuff, 
and replace it with your code to check the URL.
In the Apache configuration, you would have something like this :

<Location />
  .. general rules for allowing things like html pages, gifs etc..
<Location /downloads>
# where your files are
SetHandler mod_perl
PerlAccessHandler MyModule

And that's basically it.
Now, if this is your first mod_perl Apache add-on module, you'll have to 
figure out some more stuff, but it's fun.


View raw message