Return-Path: Delivered-To: apmail-perl-modperl-archive@www.apache.org Received: (qmail 29785 invoked from network); 8 Jan 2009 19:45:47 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 8 Jan 2009 19:45:47 -0000 Received: (qmail 16281 invoked by uid 500); 8 Jan 2009 19:45:42 -0000 Delivered-To: apmail-perl-modperl-archive@perl.apache.org Received: (qmail 16264 invoked by uid 500); 8 Jan 2009 19:45:42 -0000 Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list modperl@perl.apache.org Received: (qmail 16251 invoked by uid 99); 8 Jan 2009 19:45:42 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Jan 2009 11:45:42 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of odysseas@sysnetint.com designates 204.10.243.120 as permitted sender) Received: from [204.10.243.120] (HELO helsinki.clusterspan.net) (204.10.243.120) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Jan 2009 19:45:33 +0000 Received: (qmail 26141 invoked from network); 8 Jan 2009 14:45:12 -0500 Received: from pool-173-66-41-127.washdc.fios.verizon.net (HELO llv2648972) (173.66.41.127) by helsinki.clusterspan.net with SMTP; 8 Jan 2009 14:45:12 -0500 Reply-To: From: "Odysseas Pentakalos, Ph.D." To: "'Mark Hedges'" Cc: References: <34D63706784547699728873644F8AEAB@northgrum.com> Subject: RE: Authorization module is not working Date: Thu, 8 Jan 2009 14:45:12 -0500 Organization: SYSNET International, Inc. Message-ID: <649607324C0C4477AFC92348AF56E2F1@northgrum.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 In-Reply-To: thread-index: AclxxuGmSIc4wj6IT5a6MvKViXNk7gAAh0yg X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 X-Virus-Checked: Checked by ClamAV on apache.org Mark, Thanks so much for your help. That was not the problem but it helped me see the problem. I was not importing the Constants at the top so regardless of whether I was returning FORBIDDEN or DECLINED, or HTTP_UNAUTHORIZED the value was invalid. I spent hours tracking down this oversight. Thanks again, Odysseas -----Original Message----- From: Mark Hedges [mailto:hedges@scriptdolphin.org] Sent: Thursday, January 08, 2009 2:24 PM To: Odysseas Pentakalos, Ph.D. Cc: modperl@perl.apache.org Subject: Re: Authorization module is not working On Wed, 7 Jan 2009, Odysseas Pentakalos, Ph.D. wrote: > > sub handler { > my($r) = @_; > > my $log = $r->log; > > return FORBIDDEN unless $r->is_main; > > my $subr = $r->lookup_uri($r->uri); > my $dn = $subr->subprocess_env('SSL_CLIENT_S_DN'); > > $r->log_reason("In CertAuthz a certificate must be provided with a > DN of $dn.", $r->filename); > return FORBIDDEN; > } Try using $r->note_basic_auth_failure() and return Apache2::Const::HTTP_UNAUTHORIZED ? http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthzHandler Mark