I don't think you can blame this one on CGI::Application. The problem is happening much higher in the call stack. My guess is that it is an apache problem (possible misconfiguration). Can you provide the SSL config options that you are using for this site (and compare them against what you have configured on your system that works).
This is really a shot in the dark, but do you have the following line in your apache config: SSLOptions +FakeBasicAuth That may remove the REMOTE_USER environment variable if the client is not using a digital certificate to authenticate [1]. And since you are trying to use standard username/passphrase authentication, they might conflict. I'd suggest a thorough comparison of the apache configs if the above suggestion doesn't solve your problem. Cheers, Cees [1] http://www.modssl.org/docs/2.8/ssl_reference.html#ToC21 On 7/5/05, Eric <[EMAIL PROTECTED]> wrote: > Hi, > > I tried this on the mod_perl list, got a few tips about checking the > SSLOptions param, but I am still not having any luck. I am pretty close to > saying the hell with it, and just making use of one of the examples in the > mod_perl books for auth. It is old news now, but I had the same problem > with IP addresses, but that was easy to deal with using Apache::Request. > But for some reason the user is different. > > ......................... > > I am using CGI::Application under mod_perl 1.29/with mod_ssl on a Solaris > 10 machine. > Since our move from a internal office machine that was not using SSL to an > outside machine that is, I have not been able to get the Basic user's name. > I think I have tried just about everything, including the correct way. That > should be, if the ENV doesn't work, then I should be able to use > Apache::Request to get the info, I had to do that with the IP address a > long while back for example. > > But this doesn't work: > > my $r = Apache->request(); # > my $c = $r->connection; > my $user = $c->user(); > warn "REMOTE USER IS,$user"; > > And I get nothing for the $user. > > So I tried this: > > my $r = Apache->request(); # > my $headers = $r->headers_in(); > warn Dumper \%ENV; > warn Dumper $headers; > > my $c = $r->connection; > my $user = $c->user(); > warn "REMOTE USER IS,$user"; > > Output... > > > %ENV dump > 'SSL_SESSION_ID' => > '48E61FD73981E09104082EFFB995DCB4B5941ACD63B4DE189280B2A1A609029C6', > 'SCRIPT_NAME' => '/perl/multi_cs.cgi', > 'SSL_PROTOCOL' => 'SSLv3', > 'REQUEST_METHOD' => 'GET', > 'HTTP_ACCEPT' => > 'text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5', > 'SCRIPT_FILENAME' => '/usr/local/apachessl/perl/multi_cs.cgi', > 'SSL_VERSION_LIBRARY' => 'OpenSSL/0.9.7d', > 'SSL_VERSION_INTERFACE' => 'mod_ssl/2.8.19', > 'SSL_CLIENT_VERIFY' => 'NONE', > 'SSL_SERVER_S_DN_ST' => 'British Columbia', > 'SERVER_SOFTWARE' => 'Apache/1.3.31 (Unix) mod_perl/1.29 > mod_ssl/2.8.19 OpenSSL/0.9.7d', > 'SSL_SERVER_I_DN_OU' => 'Equifax Secure Certificate Authority', > 'QUERY_STRING' => > 'datecontrol1=&datecontrol2=&rm=order_display&ord_num=&old_ord_num=&cu_phone_raw=&postal=&cu_lastname=&cu_firstname=&cu_address1=&cu_city=&cu_st_prov=n%2Fa&cu_countrycode=--&cu_email=&quantity_ordered=&product_name=0&username=&Submit=Go+Search&month=0&day=0&year=0&endmonth=0&endday=0&endyear=0&orderby=orders.ord_date', > 'REMOTE_PORT' => '4398', > 'HTTP_USER_AGENT' => 'Mozilla/5.0 (Windows; U; Windows NT 5.0; > en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0', > 'SSL_SERVER_S_DN_CN' => 'dmcontact.com', > 'SERVER_SIGNATURE' => '<ADDRESS>Apache/1.3.31 Server at > dmcontact.com Port 443</ADDRESS> > ', > 'SSL_SERVER_S_DN_L' => 'Victoria', > 'HTTP_CACHE_CONTROL' => 'max-age=0', > 'HTTP_ACCEPT_LANGUAGE' => 'en-us,en;q=0.5', > 'HTTP_KEEP_ALIVE' => '300', > 'SSL_SERVER_A_SIG' => 'sha1WithRSAEncryption', > 'PATH' => > '/usr/sbin:/usr/bin:/usr/ccs/bin:/usr/openwin/bin:/usr/dt/bin:/usr/platform/i86pc/sbin:/opt/sun/bin:/usr/local/mysql/bin:/usr/sfw/bin:/opt/SUNWvts/bin:/opt/SUNWexplo/bin', > 'GATEWAY_INTERFACE' => 'CGI-Perl/1.1', > 'SSL_CIPHER_USEKEYSIZE' => '256', > 'HTTPS' => 'on', > 'SSL_CIPHER_ALGKEYSIZE' => '256', > 'DOCUMENT_ROOT' => '/usr/local/apachessl/htdocs', > 'SSL_SERVER_M_SERIAL' => '051E24', > 'SSL_CIPHER_EXPORT' => 'false', > 'SSL_SERVER_S_DN_O' => 'DM Contact Management Ltd.', > 'SSL_SERVER_S_DN' => '/C=CA/ST=British Columbia/L=Victoria/O=DM > Contact Management Ltd./CN=dmcontact.com', > 'SERVER_NAME' => 'dmcontact.com', > 'SSL_SERVER_I_DN_O' => 'Equifax', > 'HTTP_REFERER' => > 'https://dmcontact.com/perl/multi_cs.cgi?rm=order_search', > 'HTTP_ACCEPT_ENCODING' => 'gzip,deflate', > 'PERL_SEND_HEADER' => 'On', > 'SERVER_ADMIN' => '[EMAIL PROTECTED]', > 'HTTP_CONNECTION' => 'keep-alive', > 'SSL_SERVER_V_END' => 'Oct 14 18:07:34 2005 GMT', > 'SSL_SERVER_I_DN_C' => 'US', > 'HTTP_ACCEPT_CHARSET' => 'ISO-8859-1,utf-8;q=0.7,*;q=0.7', > 'TZ' => 'US/Pacific', > 'SSL_SERVER_V_START' => 'Oct 13 18:07:34 2004 GMT', > 'SERVER_PORT' => '443', > 'SSL_SERVER_S_DN_C' => 'CA', > 'SSL_SERVER_A_KEY' => 'rsaEncryption', > 'REMOTE_ADDR' => '24.179.181.36', > 'SSL_CIPHER' => 'DHE-RSA-AES256-SHA', > 'SERVER_PROTOCOL' => 'HTTP/1.1', > 'REQUEST_URI' => > '/perl/multi_cs.cgi?datecontrol1=&datecontrol2=&rm=order_display&ord_num=&old_ord_num=&cu_phone_raw=&postal=&cu_lastname=&cu_firstname=&cu_address1=&cu_city=&cu_st_prov=n%2Fa&cu_countrycode=--&cu_email=&quantity_ordered=&product_name=0&username=&Submit=Go+Search&month=0&day=0&year=0&endmonth=0&endday=0&endyear=0&orderby=orders.ord_date', > 'SSL_SERVER_M_VERSION' => '3', > 'SSL_SERVER_I_DN' => '/C=US/O=Equifax/OU=Equifax Secure > Certificate Authority', > 'SERVER_ADDR' => '24.90.29.168', > 'HTTP_HOST' => 'dmcontact.com', > 'MOD_PERL' => 'mod_perl/1.29' > }; > > $r->headers_in() Dump > > $VAR1 = bless( { > 'Accept' => > 'text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5', > 'Accept-Charset' => 'ISO-8859-1,utf-8;q=0.7,*;q=0.7', > 'Accept-Encoding' => 'gzip,deflate', > 'Accept-Language' => 'en-us,en;q=0.5', > 'Authorization' => 'Basic (crypted password here)', > 'Cache-Control' => 'max-age=0', > 'Connection' => 'keep-alive', > 'Host' => 'dmcontact.com', > 'Keep-Alive' => '300', > 'Referer' => > 'https://dmcontact.com/perl/multi_cs.cgi?rm=order_search', > 'User-Agent' => 'Mozilla/5.0 (Windows; U; Windows NT > 5.0; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0' > > But where is the user? I can get the password from Authorization, the > username is getting recorded in the Access log, so I know it does exist and > Apache knows about it. > > I am lost, this is pretty important for this app too :( > > > Thanks, > > Eric > > > > > > > --------------------------------------------------------------------- > Web Archive: http://www.mail-archive.com/[email protected]/ > http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2 > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/[email protected]/ http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2 To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
