Hi Keith,
Have you tried 'PerlSetupEnv On' in the apache conf. I couldn't get
%ENV using Dancer2 in mod_perl until I set this.
I couldn't get CGI/FCGI to work properly with Dancer2 (they set up their
own service on port 3000 instead of staying inside the CGI).
Regards,
Matt
On 6/12/2013 5:22 am, Keith Lawson wrote:
I didn't get any responses here or on IRC so I'm posting the solution I went
with to get it archived.
Keith Lawson 11/29/13 10:22 AM >>>
Hello,
I'm working on my first Dancer application and want to deploy it in our
standard server environment here.
For authentication/authz we have custom mod_perl auth handlers that set Apache
environment variables with user ID, group membership etc. >I'm trying to write
an implementation of Dancer::Plugin::Auth::Extensible::Provider that does
auth/authz by reading those environment variables however %ENV isn't populated in
my Dancer app. Looking at the source of public/dispatch.fcgi I noticed the
following:
# For some reason Apache SetEnv directives dont propagate
# correctly to the dispatchers, so forcing PSGI and env here
# is safer.
set apphandler => 'PSGI';
set environment => 'production';
Can anyone tell me if it's possible to get %ENV through to my Dancer app or
perhaps a different approach for auth/authz that uses $ENV{REMOTE_USER} and our
custom Apache environment variables?
I never did get FCGI to work so I tried regular CGI, here's my apache config
for my app:
SetEnv DANCER_ENVIRONMENT "development"
<Directory "/var/dancerdev/filesafe">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
AddHandler cgi-script .cgi
</Directory>
ScriptAlias /filesafe /var/dancerdev/filesafe/public/dispatch.cgi
This works but I had to comment out where %ENV keys were explicitly set in
dispatch.cgi so that the Apache conf directives for dev/prod environment worked
properly:
--- dispatch.cgi.dist 2013-12-05 09:21:35.917592251 -0500
+++ dispatch.cgi 2013-12-05 09:20:06.912736198 -0500
@@ -6,8 +6,8 @@
# For some reason Apache SetEnv directives dont propagate
# correctly to the dispatchers, so forcing PSGI and env here
# is safer.
-set apphandler => 'PSGI';
-set environment => 'production';
+# set apphandler => 'PSGI';
+# set environment => 'production';
my $psgi = path($RealBin, '..', 'bin', 'app.pl');
die "Unable to read startup script: $psgi" unless -r $psgi;
My first crack at doing Dancer auth/authz was to write a provider for
Dancer::Plugin::Auth::Extensible with subs that rely on %ENV like this:
sub authenticate_user
{
my ($self, $username, $password) = @_;
return $ENV{REMOTE_USER};
}
However I couldn't figure out why $ENV{REMOTE_USER} wasn't getting to the
plugin so I gave up.
I just ended up protecting portions of my new app with a <Location> stanza
using our Apache2::AuthCookie auth handlers:
<Location /filesafe/priv>
order allow,deny
allow from all
AuthType Site::LDAPCookieHandler2
AuthName dancerdev
PerlAuthenHandler Site::LDAPCookieHandler2->authenticate
PerlAuthzHandler Site::LDAPCookieHandler2->authorize
require valid-user
satisfy all
</Location>
Then in my dancer app I protect portions like this:
get '/priv/hello' => sub
{
die unless $ENV{REMOTE_USER};
return "Hi there ".$ENV{REMOTE_USER};
};
This won't solve authorization for me but I won't have a need for this in this
app.
Thanks,
Keith.
--------------------------------------------------------------------------------
This information is directed in confidence solely to the person named above and
may contain confidential and/or privileged material. This information may not
otherwise be distributed, copied or disclosed. If you have received this e-mail
in error, please notify the sender immediately via a return e-mail and destroy
original message. Thank you for your cooperation.
_______________________________________________
dancer-users mailing list
[email protected]
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
_______________________________________________
dancer-users mailing list
[email protected]
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
