perl-modperl mailing list archives

From "Ihnen, David" <>
Subject RE: Use form instead of AuthType Basic (pop-up windows)
Date Thu, 21 Jan 2010 18:15:33 GMT
I happen to have just finished debugging my latest authen/authz cookie-based authentication
module last night, so this is *really* fresh in my head.

So right now you're using AuthType basic.  Change that to something else specific to your
module.  The basic auth will no longer respond.

Program an authentication handler (point to with PerlAuthenHandler directive).  It returns
Apache2::Const::DECLINED if the ->auth_type doesn't match your custom type.  Authen handlers
set the ->user of the requestrec object (probably by reading and validating a cookie in
this case).  If authorization is required for the request and you didn't set a username, you
should probably return Apache2::Const::FORBIDDEN.  If it succeeded or it doesn't matter, you
can return Apache2::Const::OK;

Program an authorization handler (point to with PerlAuthzHandler directive).  This uses the
Apache2::Access::requires method to get a list of your authentication requirements from the
auth config in Apache's config file (like Require valid-user).  And Apache2::Access::satisfies
to determine how you interpret the list of requirements.

If you want to use a straight login page: if authorization fails, set error header 'Location'
to the location of your login script and return Apache2::Const::REDIRECT from the handler.

If you want to use an error document: if authorization fails, return Apache2::Const::AUTH_REQUIRED
or Apache2::Const::FORBIDDEN from the handler (configure ErrorDocument 401 or 403 respectively).

If authorization succeeds, simply return Apache2::Const::OK.

I also have handler functions for LOGIN and LOGOUT which set and clear the auth cookie.
That's different though - Authen/Authz is the part where you decide if the user is recognized
and is allowed to access, which is what you asked about.


From: Juan Manuel Parrilla Gutiérrez []
Sent: Thursday, January 21, 2010 9:26 AM
To: mod_perl list
Subject: Re: Use form instead of AuthType Basic (pop-up windows)

Hello, I am sorry if I didn't explain myself properly.
What I want to know is how to use a formulary instead of AuthType Basic. I know there
are several modules that are doing this, but it is not about using one, it is about understanding

I am doing my own Auth module (just to learn about it and mod_perl) and I would like to use
a form instead of pop up window, and using CGI is not an option because I want to use Authz
and Authen handlers.

What I need are the basic steps to move from AuthType Basic to use a form.

Thank you very much for all your answers,
Juan Manuel Parrilla Gutierrez
2010/1/21 André Warnier <<>>
Juan Manuel Parrilla Gutiérrez wrote:
Hello, this is my first message to this list and I am also a bit new to
My question is simple, in all the documentation I have found about mod_perl
and auth (like practical mod perl, or writing apache modules in perl and c)
they are always using AuthType Basic, so when the user tries to access some
protected content, a pop-up window will appear to ask for name/pass.

What I want to do is to use a formulary instead of that pop-up window. As
far as I know looking at AuthCookie, for example, there they define
"AuthType Sample::AuthCookie" and they also define a<> and different
configs in the conf files.

I want to know the different steps to define and use a form instead of
AuthType Basic.
Have a look here :
and scroll to the section

If you install that module, it comes along with examples.
AAA is tricky, and maybe not the easiest way to start playing with mod_perl.  But this documentation
is well-done, and should get you started, if you follow it carefully.
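
The authen/authz split described in David Ihnen's reply at the top of this thread, sketched as an added example (not code from the thread or from any module it mentions). The package name `My::FormAuth`, the `FormAuthSecret` and `FormAuthLogin` PerlSetVar names and the `auth=user:expiry:hmac` cookie format are assumptions; Require lines are treated as alternatives, and only `valid-user` and `user` are handled.

```perl
package My::FormAuth;    # hypothetical module name, not from the thread
use strict; use warnings;
use Apache2::RequestRec  ();   # $r->user, headers_in, err_headers_out
use Apache2::RequestUtil ();   # $r->dir_config
use Apache2::Access      ();   # $r->auth_type, $r->requires
use APR::Table           ();
use Apache2::Const -compile => qw(OK DECLINED SERVER_ERROR REDIRECT);
use Digest::SHA qw(hmac_sha256_hex);

# httpd.conf (assumed): AuthType My::FormAuth, Require valid-user,
#   PerlAuthenHandler My::FormAuth::authen, PerlAuthzHandler My::FormAuth::authz,
#   PerlSetVar FormAuthSecret <random secret>, PerlSetVar FormAuthLogin /login

# Returns the user name from a valid "auth=user:expiry:hex_hmac" cookie, else undef.
sub verify_cookie {
    my ($secret, $hdr, $now) = @_;
    my ($val) = ($hdr // '') =~ /(?:^|;\s*)auth=([^;\s]+)/ or return;
    my ($user, $exp, $mac) = $val =~ /\A([\w.-]+):(\d+):([0-9a-f]{64})\z/ or return;
    my $want = hmac_sha256_hex("$user:$exp", $secret);
    my $diff = 0;                          # compare every byte, no early exit
    $diff |= ord(substr $mac, $_, 1) ^ ord(substr $want, $_, 1) for 0 .. 63;
    return if $diff || $exp < $now;        # forged or expired cookie
    return $user;
}

sub authen {
    my $r = shift;
    return Apache2::Const::DECLINED unless ($r->auth_type // '') eq 'My::FormAuth';
    my $secret = $r->dir_config('FormAuthSecret') or return Apache2::Const::SERVER_ERROR;
    my $hdr  = $r->headers_in->get('Cookie');    # scalar context: first value or undef
    my $user = verify_cookie($secret, $hdr, time);
    $r->user($user) if defined $user;
    return Apache2::Const::OK;             # anonymous requests are judged in authz
}

sub authz {
    my $r = shift;
    return Apache2::Const::DECLINED unless ($r->auth_type // '') eq 'My::FormAuth';
    my $user = $r->user;
    my @reqs = map { $_->{requirement} } @{ $r->requires || [] };  # method_mask ignored
    return Apache2::Const::OK unless @reqs;      # nothing required for this request
    for my $req (@reqs) {                        # any one matching Require grants access
        my ($kind, @names) = split ' ', $req;
        next unless defined $user;
        return Apache2::Const::OK if $kind eq 'valid-user'
            || ($kind eq 'user' && grep { $_ eq $user } @names);
    }
    $r->err_headers_out->set(Location => $r->dir_config('FormAuthLogin') || '/login');
    return Apache2::Const::REDIRECT;             # unknown Require kinds also end up here
}
1;
```

The login URL has to sit outside the protected location, otherwise the redirect loops. The login handler that issues the cookie should set the Secure and HttpOnly attributes on it.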
