On 4/18/05, Owen Berry <[EMAIL PROTECTED]> wrote: > I am experiencing a problem with the REMOTE_USER environment variable > after an upgrade to Apache 2. We are using AuthDBI to authenticate > users, which uses basic authentication with the browser to request > their details. Hence the use of REMOTE_USER. > > Users authenticate fine and seem to be working with no problems, but > when there are multiple people using the system the REMOTE_USER > environment variable gets set to seemingly random user names, and the > users keep stepping on each other. The CGI module is being used and > initially I thought the problem was there, as the username is > retrieved ala "$USER = remote_user", however after looking at the > CGI.pm code, all it does is return the value of the REMOTE_USER > environment variable. > > Unfortunately it seems that the AuthDBI module has not been ported to > the Apache2/mod_perl2 APIs, so we have to run it under the > compatibility layer. Ech! Any known problems there? > > Looks to me like the environment variables aren't being reset > correctly after each request, and they are sticking around with the > Apache process. > > I tried logging "$r->user()" to see if that was more reliable, but no > luck there either. It seems to be empty more than wrong, so I guess it > is doing something different, but still no good. Maybe it is > indicative of where the problem lies though. > > Thinking of anything else that might be useful in solving this problem: > > Apache MPM: prefork > PerlHandler ModPerl::Registry > Apache 2.0.46 > mod_perl 1.99_09 > Perl 5.8.0 > OS Linux 2.4.21-20.0.1 smp > Distribution RHELv3 > > This code has been running under mod_perl1 for a few years now, so the > problems seem to be related to the software upgrade, rather than the > usual problems related to bad scripts. > > Any help would be gladly appreciated as I have an application that is > basically unusable at the moment. Please ask questions if you need > more info. > > Thanks! > Owen Berry >
Something else that I have noticed is that the problem seem to only be occurring after a form post - a pure GET is fine ... so far.
