Joshua (and others...):
This is difficult bug to describe, but appears to relate to the
initialization of the $Request->ServerVariables object.
I have the following OnStart event defined in my global.asa:
sub Script_OnStart{
foreach my $key (qw( REMOTE_USER REMOTE_GROUPS REDIRECT_REMOTE_GROUPS) ){
$Session->{$key} = $Request->ServerVariables($key) if
($Request->ServerVariables($key) ne "");
}
}
The purpose of this script is to set up a "sticky" REMOTE_GROUP and
REMOTE_USER login. I ask users to visit a /membersonly directory, which
uses Apache::DBI to authenticate and authorize the user. The authentication
info gets stored into the REMOTE_USER and REMOTE_GROUPS server variables.
If these values are non-zero, I copy them to the $Session for use by my
other scripts. In this manner, my ASP scripts can display different
information to users, depending on whether they are logged in, and what
their site permissions happen to be.
REMOTE_GROUP and REMOTE_USER variables should only appear in
$Request->ServerVariables when a file in one of the protected directories is
accessed. These values should be empty when accessing a non-protected file.
--> BUG: When I comment out the "foreach" transfer in the "OnStart" script
above, $Request->ServerVariables returns the correct values (i.e.,
REMOTE_GROUP and REMOTE_USER values don't exist.) HOWEVER, when the loop is
executed in "OnStart", the REMOTE_USER and REMOTE_GROUPS keys appear, and
assume the last known values (even from a different session!)
It appears that the act of referencing a non-existent key (e.g.,
REMOTE_GROUPS) in the $Request->ServerVariables object, forces the server to
return an incorrect value. I noticed this behavior on my Win32 apache
server, but have yet tested this behavior on a unix box.
Does $Request->ServerVariables keep a "local" copy of the %ENV? Could there
be something funny in the Win32 implementation (garbage collection, for
example) that would cause a old piece of hash memory to be accessed?
Does anyone see anything grossly incorrect? Is there a better way to
achieve my goals?
Here is my server setup:
Server Software: Apache/1.3.22 (Win32) mod_perl/1.26_01-dev
Apache::ASP: 2.29
Perl: 5.6.1 (ActiveState build 630)
Thanks,
JL
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
