perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "C. Bensend" <be...@bennyvision.com>
Subject Apache::AuthenNTLM not failing through to basic auth
Date Thu, 15 Apr 2010 18:49:35 GMT

Hey folks,

   I just got NTLM authentication working on one of my Red Hat 5.4
machines thanks to this module.  Oh thank god, you wouldn't believe
how many different methods I had tried until this module worked.

   I did have a few things that I had to change to get it working:

1) I had to comment out the 'use strict' in AuthenNTLM.pm, lest it
   complain about barewords not allowed while 'strict subs' in use

2) I had to change Apache to Apache2 in the 'if (MP2)' require
   statements, which I'm sure is how I built it or something
   specific to my distribution.  Regardless, not a big deal.

3) I had to change 'use mod_perl' to 'use mod_perl2'

However, I'm seeing that HTTP basic auth isn't being tried if NTLM
fails (I never get an auth popup, Nagios just acts as if it didn't
get a username).  From the docs, I would expect the following
settings within the Apache Location:

   PerlSetVar ntlmauthoritative off
   PerlSetVar basicauthoritative on

would tell it to try NTLM, and if that fails, use basic auth.  I
never get an authorization box.  I have tried all permutations of
"off" and "on" with both directives, and they all behave the same -
if NTLM fails, I am not authorized.

The specs:

Red Hat 5.4
Apache 2.2.3 (via RHEL RPM)
mod_perl 2.0.4 (via RHEL RPM)
Apache-AuthenNTLM v 2.10 downloaded from CPAN and installed by hand
   (perl Makefile.pl ; make ; make test ; make install) and then
   AuthenNTLM.pm tweaked:

--- ../Apache-AuthenNTLM-2.10/AuthenNTLM.pm     2005-02-07
09:51:57.000000000 -0600
+++ ./AuthenNTLM.pm     2010-04-15 11:05:07.000000000 -0500
@@ -16,7 +16,7 @@

 package Apache::AuthenNTLM ;

-use strict ;
+#use strict ;
 use vars qw{$cache $VERSION %msgflags1 %msgflags2 %msgflags3 %invflags1
%invflags2 %invflags3 $addr $port $debug} ;

 $VERSION = 2.10 ;
@@ -66,7 +66,7 @@
 ############################################
 # here is where we start the new code....
 ############################################
-use mod_perl ;
+use mod_perl2 ;

 # use Apache::Constants qw(:common);
 # setting the constants to help identify which version of mod_perl
@@ -76,13 +76,13 @@
 # test for the version of mod_perl, and use the appropriate libraries
BEGIN {
         if (MP2) {
-                require Apache::Const ;
-                require Apache::Access ;
-                require Apache::Connection ;
-                require Apache::Log ;
-                require Apache::RequestRec ;
-                require Apache::RequestUtil ;
-               require Apache::RequestIO ;
+                require Apache2::Const ;
+                require Apache2::Access ;
+                require Apache2::Connection ;
+                require Apache2::Log ;
+                require Apache2::RequestRec ;
+                require Apache2::RequestUtil ;
+               require Apache2::RequestIO ;
                require APR::Table ;
                require APR::SockAddr ;
                 Apache::Const->import(-compile =>
'HTTP_UNAUTHORIZED','HTTP_IN
ERNAL_SERVER_ERROR','DECLINED','HTTP_FORBIDDEN','OK') ;

Now, it appears that the 'PerlSetVar basicauthoritative' section of
the pod is a copy-n-paste from ntlmauthoritative and hasn't been
corrected; am I reading too much into what I think should be there?

Thanks for any help you can give me!

Benny


-- 
Me:  'How big a monster can you take out with one of those? Would
      you win a fight with Godzilla?'
Jim: 'You could disassemble Godzilla at a range of seven miles.'
                           -- Blog entry about the 76mm Melera, a
                              gun on a US Navy Perry-class frigate that
Somali pirates tried to seize


-- 
Me:  'How big a monster can you take out with one of those? Would
      you win a fight with Godzilla?'
Jim: 'You could disassemble Godzilla at a range of seven miles.'
                           -- Blog entry about the 76mm Melera, a
                              gun on a US Navy Perry-class frigate that
Somali pirates tried to seize





Mime
View raw message