Getting multiple header entries from AuthCookie returned to the
client. This happens even if I stub out the authen_cred and
authen_ses_key to return "foo". The other thing I notice after
adding logging to the authentication and authorization subs
is that the $r->connection->user set by authentication isn't
available in $r->connection->user in authorization. As a
result of the undef $r->connection->user in authorization
it's sending back a FORBIDDEN which [I think?] causes the
problems.

The examples I've seen of login_form code use a simple print to
get things on the screen (e.g., Apache::AuthTicket).
I've tried this and various combinations of sending the headers
and form with no luck.

Ideally Apache::AuthCookie should only require the login_form,
authen_cred and authen_ses_key subs to function with the
addition of login_screen to use a location rather than
#!-ed code for the login form.

Does anyone know of a simple, working example of deriving a
class from Apache::AuthTicket or some specific documentation
for a complete class? The code that comes with it is only
useful for testing.

Below are the relevant error_log items (showing the user
available in authenticate and undef in authorize).

thanx.

sl
########################################################################
# Authorization cookie handler.
########################################################################
PerlModule Cdr::AuthCookie;
PerlSetVar CDRPath /foo
PerlSetVar CDRLoginScript /cdrloginform
PerlSetVar CDRLoginHandler /cdrlogin
#PerlSetVar CDRExpires +8h
PerlSetVar AuthCookieDebug 9
# this shows the login form.
<Location /cdrloginform>
SetHandler perl-script
PerlHandler Cdr::AuthCookie->login_form
</Location>
# handle posted data from the login form.
<location /cdrlogin>
SetHandler perl-script
AuthType Cdr::AuthCookie
AuthName CDR
PerlHandler Cdr::AuthCookie->login
</Location>
<Location /foo>
SetHandler perl-script
AuthType Cdr::AuthCookie
AuthName CDR
PerlAuthenHandler Cdr::AuthCookie->authenticate
PerlAuthzHandler Cdr::AuthCookie->authorize
PerlHandler Cdr::Hello
require valid-user
</Location>
<Location /foo/bar>
SetHandler perl-script
AuthType Cdr::AuthCookie
AuthName CDR
PerlAuthenHandler Cdr::AuthCookie->authenticate
PerlAuthzHandler Cdr::AuthCookie->authorize
PerlHandler Cdr::Hello
require valid-user
</Location>
###########################################################################
# Cdr::AuthCookie.pm
###########################################################################
package Cdr::AuthCookie;
use strict;
use base qw( Apache::AuthCookie );
local $\ = "\n";
local $, = "\n";
# CPAN modules
use Carp;
use Apache::Constants qw(:common M_GET M_POST FORBIDDEN REDIRECT);
use Apache::Log;
use Digest::MD5 qw( &md5_hex );
# used for sharing and generating the shared secret
# used in the authorization process.
use IPC::SysV;
use IPC::Shareable;
use Digest::MD5 qw( &md5_hex );
use Data::Dumper;
$Data::Dumper::Purity = 1;
$Data::Dumper::Terse = 1;
$Data::Dumper::Indent = 1;
$Data::Dumper::Deepcopy = 0;
$Data::Dumper::Quotekeys = 0;
# homegrown modules
use Cdr::Reportz;
use Cdr::Shared qw( &logrequest &sendreply );
########################################################################
# package variables
########################################################################
# initialize the untied variable to false, use $key to check the status.
our $secret = '';
our $key = '';
# amount of time before a cookie times out.
# currently set to 8 hours (28 800 sec).
#
# 10 sec for testing only, probably useful in production.
my $timeout = 30; #28800;
# login screen returns this to the caller.
my $loginform = <<'END';
<html>
<head>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<base href="$ENV{BASEURL}" >
</head>
<body>
<form method="get" action="/cdrlogin" >
<!-- Login form for an Cdr::AuthCookie -->
<input type=hidden name="destination" value="DEST" >
<table>
<tr>
<th align=center colspan=2 >Please Enter Your Username and Password to
log in:"
<tr>
<th align=right >Username:
<td align=left > <input type="text" name="credential_0" size=12
maxlenth=12 >
<tr>
<th align=right >Password:
<td align=left > <input type="password" name="credential_1" size=12
maxlenth=12 >
<tr>
<td><!-- filler -->
<td align=left ><input type="submit" value=" Log In " >
</table>
</form>
</body>
END
########################################################################
# subroutines
########################################################################
=head2 sub B<hashcookie>
Trick here is to hash the information with a secret and then
hash the hash with the values. This makes it virtually
impossible for someone to tickle bits in the original items
to get a matching hash. It also makes it nearly impossible
for someone to guess the secret since the hash that includes
the secret is hashed again with the data a second time.
This is used both to validate the string and to generate
a new one.
=cut
sub hashcookie
{
join '-', @_, md5_hex( join '', @_, md5_hex( join '', @_, $secret ) );
}
# stubbed out authen_cred and authen_ses_key. these definitely always
# return a key and always return a userid. only problem is that they
# don't work...
sub authen_cred( $$\@ ) { "foo" }
sub authen_ses_key( $$$ ) { "foo" }
=head1 sub B<login_form>
Generate login screen.
This has to define where the user was headed when they
bounced into the Authorization handler and put this into
the hidden field "destination".
=cut
sub login_form
{
my( $class, $request ) = @_;
my $log = logrequest $request, __PACKAGE__ . '::login_form';
my $desturi = $request->uri;
( my $form = $loginform ) =~ s{DEST}{$desturi};
$request->no_cache( 1 );
$log->debug( "Reply:\n\n$form\n" );
$request->send_http_header( 'text/html' );
$request->print( $form );
OK
}
# override the standard version in order to pass the second argument
# to login_form.
sub authenticate ($$)
{
my ($auth_type, $r) = @_;
my ($authen_script, $auth_user);
my $debug = $r->dir_config("AuthCookieDebug") || 0;
my $log = logrequest $r, __PACKAGE__ . '::authenticate';
$r->log_error("auth_type " . $auth_type) if ($debug >= 3);
# Only authenticate the first internal request
return OK unless $r->is_initial_req;
if ($r->auth_type ne $auth_type)
{
# This location requires authentication because we are being called,
# but we don't handle this AuthType.
$r->log_error("AuthType mismatch: $auth_type =/= ".$r->auth_type) if
$debug >= 3;
return DECLINED;
}
# Ok, the AuthType is $auth_type which we handle, what's
# the authentication realm's name?
my $auth_name = $r->auth_name;
$r->log_error("auth_name " . $auth_name) if $debug >= 2;
unless ($auth_name)
{
$r->log_reason("AuthName not set, AuthType=$auth_type", $r->uri);
return SERVER_ERROR;
}
# Get the Cookie header. If there is a session key for this realm, strip
# off everything but the value of the cookie.
my ($ses_key_cookie) =
($r->header_in("Cookie") || "") =~ /$auth_type\_$auth_name=([^;]+)/;
$ses_key_cookie = "" unless defined($ses_key_cookie);
$r->log_error("ses_key_cookie " . $ses_key_cookie) if ($debug >= 1);
$r->log_error("uri " . $r->uri) if ($debug >= 2);
if ($ses_key_cookie)
{
if ($auth_user = $auth_type->authen_ses_key($r, $ses_key_cookie))
{
# We have a valid session key, so we return with an OK value.
# Tell the rest of Apache what the authentication method and
# user is.
$r->log_error("user authenticated as $auth_user") if
$debug >= 1;
$r->connection->auth_type($auth_type);
$r->connection->user($auth_user);
$r->log_error("user set to " . $r->connection->user );
return OK;
}
else
{
# There was a session key set, but it's invalid for some reason. So,
# remove it from the client now so when the credential data is posted
# we act just like it's a new session starting.
my $str =
$auth_type->cookie_string
(
request => $r,
key => "$auth_type\_$auth_name",
value => '',
expires => 'Mon, 21-May-1971 00:00:00 GMT'
);
$r->err_headers_out->add("Set-Cookie" => "$str");
$r->log_error("set_cookie " .
$r->err_header_out("Set-Cookie")) if $debug >= 2;
$r->subprocess_env('AuthCookieReason', 'bad_cookie');
}
}
else
{
$r->log_error("no cookie" ) if $debug >= 2;
$r->subprocess_env('AuthCookieReason', 'no_cookie');
}
# They aren't authenticated, and they tried to get a protected
# document. Send them the authen form.
return $auth_type->login_form( $r );
}
sub authorize ($$)
{
my ($auth_type, $r) = @_;
my $debug = $r->dir_config("AuthCookieDebug") || 0;
my $log = logrequest $r, __PACKAGE__ . '::authorize', { user =>
$r->connection->user };
return OK unless $r->is_initial_req; #only the first internal request
if ($r->auth_type ne $auth_type)
{
$r->log_error($auth_type . " auth type is " . $r->auth_type)
if ($debug >= 3);
return DECLINED;
}
my $reqs_arr = $r->requires or return DECLINED;
my $user = $r->connection->user;
unless ($user)
{
# user is either undef or =0 which means the authentication failed
$r->log_reason("No user authenticated.", $r->uri);
return FORBIDDEN;
}
my ($forbidden);
foreach my $req (@$reqs_arr)
{
my ($requirement, $args) = split /\s+/, $req->{requirement}, 2;
$args = '' unless defined $args;
$r->log_error("requirement := $requirement, $args") if $debug >= 2;
next if $requirement eq 'valid-user';
if($requirement eq 'user')
{
next if $args =~ m/\b$user\b/;
$forbidden = 1;
next;
}
# Call a custom method
my $ret_val = $auth_type->$requirement($r, $args);
$r->log_error("$auth_type->$requirement returned $ret_val") if $debug
>= 3;
next if $ret_val == OK;
# Nothing succeeded, deny access to this user.
$forbidden = 1;
last;
}
return $forbidden ? FORBIDDEN : OK;
}
sub login ($$)
{
my ($self, $r) = @_;
my $debug = $r->dir_config("AuthCookieDebug") || 0;
my ($auth_type, $auth_name) = ($r->auth_type, $r->auth_name);
my %args = $r->method eq 'POST' ? $r->content : $r->args;
my $log = logrequest $r, __PACKAGE__ . '::login', \%args;
unless (exists $args{'destination'})
{
$r->log_error("No key 'destination' found in posted data");
return SERVER_ERROR;
}
# Get the credentials from the data posted by the client.
# sch. xform avoids problems with users skipping numbers
# in their sequences (e.g., qw(credential_1, credential_3)).
my @credkeyz =
map { $_->[0] }
sort{ $a->[1] <=> $b->[1] }
map{ /credential_(\d+)/ ? [ $_, $1 ] : () }
keys %args;
my @credentials = @args{@credkeyz};
$r->log_error( "Credential keys:\n", Dumper \@credkeyz ) if $debug >2;
$r->log_error( "Credential vals:\n", Dumper \@credentials ) if $debug >2;
# Exchange the credentials for a session key.
my $ses_key = $self->authen_cred($r, @credentials);
$r->log_error("ses_key " . $ses_key) if ($debug >= 2);
$self->send_cookie($ses_key);
if ($r->method eq 'POST')
{
$r->method('GET');
$r->method_number(M_GET);
$r->headers_in->unset('Content-Length');
}
unless ($r->dir_config("${auth_name}Cache"))
{
$r->no_cache(1);
$r->err_header_out("Pragma" => "no-cache");
}
$r->header_out("Location" => $args{'destination'});
return REDIRECT;
}
########################################################################
# junk included to show what the logging does
########################################################################
sub logrequest
{
my ( $request, $package, $argz ) = @_;
my $log = $request->log;
# useful for detecting whether the proper module handled
# the request in the first place.
$log->debug( "Handled by $package" );
# store file access as info, full http request as debug for now.
# stop debug level output via setting log level in httpd.conf.
$log->debug( "request:\n\n" . $request->as_string . "\n" );
$log->debug( "args:\n", Dumper $argz ) if ref $argz;
if( my %cookyz = CGI::Cookie->parse( $request->headers_in->{'Cookie'} ) )
{
$log->debug( "old cookie:", map { "$_ => " . $cookyz{$_}->as_string }
sort keys %cookyz );
}
# hand back the log item -- saves a few lines of code in each module.
$log
}
# keep the use pragma happy
1
__DATA__
########################################################################
# ./logs/error_log
########################################################################
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cache-Control: no-cache
Connection: Keep-Alive
Host: cdr_dev.lit.alltel.com:8081
Pragma: no-cache
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:22 2001] [error] auth_type Cdr::AuthCookie
[Thu Dec 6 15:16:22 2001] [error] auth_name CDR
[Thu Dec 6 15:16:22 2001] [error] ses_key_cookie
[Thu Dec 6 15:16:22 2001] [error] uri /foo
[Thu Dec 6 15:16:22 2001] [error] no cookie
[Thu Dec 6 15:16:22 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::login_form
[Thu Dec 6 15:16:22 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cache-Control: no-cache
Connection: Keep-Alive
Host: cdr_dev.lit.alltel.com:8081
Pragma: no-cache
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:22 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(99): [client 10.53.28.218]
args:
{
class => 'Cdr::AuthCookie',
uri => '/foo'
}
[Thu Dec 6 15:16:22 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(142): [client 10.53.28.218]
Reply:
<html>
<head>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<base href="" >
</head>
<body>
<form method="get" action="/cdrlogin" >
<!-- Login form for an Cdr::AuthCookie -->
<input type=hidden name="destination" value="/foo" >
<table>
<tr>
<th align=center colspan=2 >Please Enter Your Username and Password to
log in:"
<tr>
<th align=right >Username:
<td align=left > <input type="text" name="credential_0" size=12
maxlenth=12 >
<tr>
<th align=right >Password:
<td align=left > <input type="password" name="credential_1" size=12
maxlenth=12 >
<tr>
<td><!-- filler -->
<td align=left ><input type="submit" value=" Log In " >
</table>
</form>
</body></html>
[Thu Dec 6 15:16:22 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authorize
[Thu Dec 6 15:16:22 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cache-Control: no-cache
Connection: Keep-Alive
Host: cdr_dev.lit.alltel.com:8081
Pragma: no-cache
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 200 OK
Pragma: no-cache
Cache-control: no-cache
Keep-Alive: timeout=15, max=1024
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
Expires: Thu, 06 Dec 2001 21:16:22 GMT
[Thu Dec 6 15:16:22 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(99): [client 10.53.28.218]
args:
{
user => undef
}
[Thu Dec 6 15:16:22 2001] [error] access to /foo failed for 10.53.28.218, reason: No
user authenticated.
[Thu Dec 6 15:16:33 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::login
[Thu Dec 6 15:16:33 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /cdrlogin?destination=%2Ffoo&credential_0=asdf&credential_1=asdf HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Connection: Keep-Alive, TE
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:33 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(99): [client 10.53.28.218]
args:
{
credential_0 => 'asdf',
credential_1 => 'asdf',
destination => '/foo'
}
[Thu Dec 6 15:16:33 2001] [error] Credential keys:
[
'credential_0',
'credential_1'
]
[Thu Dec 6 15:16:33 2001] [error] Credential vals:
[
'asdf',
'asdf'
]
[Thu Dec 6 15:16:33 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authen-cred
[Thu Dec 6 15:16:33 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /cdrlogin?destination=%2Ffoo&credential_0=asdf&credential_1=asdf HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Connection: Keep-Alive, TE
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:33 2001] [error] ses_key
asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authenticate
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:16:35 2001] [error] auth_type Cdr::AuthCookie
[Thu Dec 6 15:16:35 2001] [error] auth_name CDR
[Thu Dec 6 15:16:35 2001] [error] ses_key_cookie
asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
[Thu Dec 6 15:16:35 2001] [error] uri /foo
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authen_ses_key
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:16:35 2001] [debug] Cdr/AuthCookie.pm(302): [client 10.53.28.218]
Processing cookie: asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
[Thu Dec 6 15:16:35 2001] [debug] Cdr/AuthCookie.pm(303): [client 10.53.28.218]
Processed values: asdf, 10.53.28.218, 1007673423
[Thu Dec 6 15:16:35 2001] [debug] Cdr/AuthCookie.pm(329): [client 10.53.28.218]
17472: Cookie has expired: 1007673423
[Thu Dec 6 15:16:35 2001] [error] user authenticated as asdf
[Thu Dec 6 15:16:35 2001] [error] user set to asdf
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authorize
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(99): [client 10.53.28.218]
args:
{
user => 'asdf'
}
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:16:35 2001] [error] requirement := valid-user,
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::Hello
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:16:35 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(142): [client 10.53.28.218]
Reply:
<html>
<head>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<base href="" >
</head>
<body>Hello, world! from /foo</body></html>
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authenticate
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cache-Control: no-cache
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:18:16 2001] [error] auth_type Cdr::AuthCookie
[Thu Dec 6 15:18:16 2001] [error] auth_name CDR
[Thu Dec 6 15:18:16 2001] [error] ses_key_cookie
asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
[Thu Dec 6 15:18:16 2001] [error] uri /foo
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authen_ses_key
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cache-Control: no-cache
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:18:16 2001] [debug] Cdr/AuthCookie.pm(302): [client 10.53.28.218]
Processing cookie: asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
[Thu Dec 6 15:18:16 2001] [debug] Cdr/AuthCookie.pm(303): [client 10.53.28.218]
Processed values: asdf, 10.53.28.218, 1007673423
[Thu Dec 6 15:18:16 2001] [error] set_cookie Cdr::AuthCookie_CDR=; expires=Mon,
21-May-1971 00:00:00 GMT; path=/foo
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::login_form
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cache-Control: no-cache
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 (null)
Set-Cookie: Cdr::AuthCookie_CDR=; expires=Mon, 21-May-1971 00:00:00 GMT; path=/foo
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(99): [client 10.53.28.218]
args:
{
class => 'Cdr::AuthCookie',
uri => '/foo'
}
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(142): [client 10.53.28.218]
Reply:
<html>
<head>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<base href="" >
</head>
<body>
<form method="get" action="/cdrlogin" >
<!-- Login form for an Cdr::AuthCookie -->
<input type=hidden name="destination" value="/foo" >
<table>
<tr>
<th align=center colspan=2 >Please Enter Your Username and Password to
log in:"
<tr>
<th align=right >Username:
<td align=left > <input type="text" name="credential_0" size=12
maxlenth=12 >
<tr>
<th align=right >Password:
<td align=left > <input type="password" name="credential_1" size=12
maxlenth=12 >
<tr>
<td><!-- filler -->
<td align=left ><input type="submit" value=" Log In " >
</table>
</form>
</body></html>
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(92): [client 10.53.28.218]
Handled by Cdr::AuthCookie::authorize
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(97): [client 10.53.28.218]
request:
GET /foo HTTP/1.1
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cache-Control: no-cache
Connection: Keep-Alive, TE
Cookie:
Cdr::AuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2
Cookie2: $Version="1"
Host: cdr_dev.lit.alltel.com:8081
Referer: http://cdr_dev.lit.alltel.com:8081/foo
TE: deflate, gzip, chunked, identity, trailers
User-Agent: Opera/5.0 (Linux 2.2.18.ae i686; U) [en]
HTTP/1.1 200 OK
Set-Cookie: Cdr::AuthCookie_CDR=; expires=Mon, 21-May-1971 00:00:00 GMT; path=/foo
Pragma: no-cache
Cache-control: no-cache
Keep-Alive: timeout=15, max=1024
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
Expires: Thu, 06 Dec 2001 21:18:16 GMT
Set-Cookie: Cdr::AuthCookie_CDR=; expires=Mon, 21-May-1971 00:00:00 GMT; path=/foo
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(99): [client 10.53.28.218]
args:
{
user => undef
}
[Thu Dec 6 15:18:16 2001] [debug]
/home/lembark/sandbox/cdr//code/app/website/Cdr/Shared.pm(101): [client 10.53.28.218]
old cookie:Cdr::AuthCookie_CDR =>
Cdr%3A%3AAuthCookie_CDR=asdf-10.53.28.218-1007673423-a8613661ccbf2cda1ee31aed97f3eba2;
path=/
[Thu Dec 6 15:18:16 2001] [error] access to /foo failed for 10.53.28.218, reason: No
user authenticated.
########################################################################
# net result on the screen -- problem is the pair of messages that
# get sent.
########################################################################
<html>
<head>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<base href="" >
</head>
<body>
<form method="get" action="/cdrlogin" >
<!-- Login form for an Cdr::AuthCookie -->
<input type=hidden name="destination" value="/foo" >
<table>
<tr>
<th align=center colspan=2 >Please Enter Your Username and Password to
log in:"
<tr>
<th align=right >Username:
<td align=left > <input type="text" name="credential_0" size=12
maxlenth=12 >
<tr>
<th align=right >Password:
<td align=left > <input type="password" name="credential_1" size=12
maxlenth=12 >
<tr>
<td><!-- filler -->
<td align=left ><input type="submit" value=" Log In " >
</table>
</form>
</body></html>HTTP/1.1 200 OK
Date: Thu, 06 Dec 2001 21:18:16 GMT
Server: Apache/1.3.20 (Unix) mod_perl/1.26
Set-Cookie: Cdr::AuthCookie_CDR=; expires=Mon, 21-May-1971 00:00:00 GMT; path=/foo
Keep-Alive: timeout=15, max=1023
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
Expires: Thu, 06 Dec 2001 21:18:16 GMT
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>200 OK</TITLE>
</HEAD><BODY>
<H1>OK</H1>
You don't have permission to access /foo
on this server.<P>
<HR>
<ADDRESS>Apache/1.3.20 Server at AlltelViewer Port 8081</ADDRESS>
</BODY></HTML>
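
Added example, not part of the original post and not code from Apache::AuthCookie: the hashcookie construction from the POD above, run beside a hypothetical HMAC-SHA256 variant (mac_cookie, check_cookie and same_string are names introduced here; the secret is a constructed sample). It shows that the nested MD5 hashes the fields concatenated with no separator, so the hash does not record where one field ends, and how a delimited MAC with client-IP and expiry checks validates the user, IP, expiry layout seen in the log.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::MD5 qw( md5_hex );
use Digest::SHA qw( hmac_sha256_hex );

# Constructed sample secret; the post does not show how $secret is set.
my $secret = 'constructed-sample-secret';

# The post's construction, unchanged.
sub hashcookie
{
    join '-', @_, md5_hex( join '', @_, md5_hex( join '', @_, $secret ) );
}

# Hypothetical variant: HMAC-SHA256 over the fields joined with '|'.
# Fields containing '|' are refused, so the MAC covers field boundaries.
sub mac_cookie
{
    my @fields = @_;
    for my $field ( @fields )
    {
        die "field contains separator\n" if $field =~ /\|/;
    }
    join '|', @fields, hmac_sha256_hex( join( '|', @fields ), $secret );
}

# Compare without stopping at the first differing byte.
sub same_string
{
    my ( $x, $y ) = @_;
    return 0 unless length( $x ) == length( $y );
    my $diff = 0;
    $diff |= ord( substr( $x, $_, 1 ) ) ^ ord( substr( $y, $_, 1 ) )
        for 0 .. length( $x ) - 1;
    return $diff == 0;
}

# Validate user|ip|expiry|mac. Returns ( $user, 'ok' ) or ( undef, $reason ).
sub check_cookie
{
    my ( $cookie, $client_ip, $now ) = @_;
    my @parts = split /\|/, $cookie, -1;
    return ( undef, 'malformed' ) unless @parts == 4;
    my ( $user, $ip, $expires, $mac ) = @parts;
    my $expect = hmac_sha256_hex( join( '|', $user, $ip, $expires ), $secret );
    return ( undef, 'bad mac' )      unless same_string( $mac, $expect );
    return ( undef, 'wrong client' ) unless $ip eq $client_ip;
    return ( undef, 'expired' )      unless $expires =~ /^\d+\z/ && $expires > $now;
    return ( $user, 'ok' );
}

# Constructed inputs modelled on the log: client IP and expiry epoch.
my ( $ip, $expires ) = ( '10.53.28.218', 1007673423 );

# Two different (user, ip) pairs whose concatenation is identical.
my $h1 = ( split /-/, hashcookie( 'asdf',  '10.53.28.218', $expires ) )[-1];
my $h2 = ( split /-/, hashcookie( 'asdf1', '0.53.28.218',  $expires ) )[-1];
print 'nested MD5, boundary moved: ',
    ( $h1 eq $h2 ? 'same hash' : 'different' ), "\n";

my $m1 = ( split /\|/, mac_cookie( 'asdf',  '10.53.28.218', $expires ) )[-1];
my $m2 = ( split /\|/, mac_cookie( 'asdf1', '0.53.28.218',  $expires ) )[-1];
print 'delimited HMAC, boundary moved: ',
    ( $m1 eq $m2 ? 'same MAC' : 'different' ), "\n";

# Run the validator over a valid cookie and three rejected cases.
my $cookie = mac_cookie( 'asdf', $ip, $expires );
( my $tampered = $cookie ) =~ s/^asdf/other/;
for my $case (
    [ 'valid',        $cookie,   $ip,        $expires - 10 ],
    [ 'after expiry', $cookie,   $ip,        $expires + 1  ],
    [ 'other client', $cookie,   '10.0.0.9', $expires - 10 ],
    [ 'edited user',  $tampered, $ip,        $expires - 10 ],
)
{
    my ( $label, $c, $from, $now ) = @$case;
    my ( $user, $why ) = check_cookie( $c, $from, $now );
    printf "%-13s -> %s\n", $label,
        defined $user ? "user $user" : "rejected: $why";
}
```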