On Fri, 13 Jun 2008 19:56:14 -0700 (PDT) tyju tiui <[EMAIL PROTECTED]> wrote:
> > Hi, > > I'm new to mod_perl and I'm having some difficulty understanding a > few things. I'd like to write an Apache module which authenticates a > request based on the URL. I only want the module to deny invalid > requests and allow valid requests to be processed as normal. > > A more specific example would be like: > > Request URL: http://myhost.com/REALLY-SECURE-TOKEN/file2download > Module logic: if REALLY-SECURE-TOKEN is valid, allow the request > to continue - else, stop request with an error > External application logic: if request got here without error then > find the file2download and write it to the output stream - else, show > custom error > > > I think the best way to do this is something like: > > 1) Write a module which evaluates the URL and places a variable in > the request's scope > 2) > Use mod_rewrite to evaluate the newly set variable and pass execution > to the proper place with any error code that might have been placed in > the variable > > I've been reading books, howto's, and on-line documentation for the > past two days and I still have no idea where to begin. Any advice > would be greatly appreciated. My advice would be to change your URLs to be: http://myhost.com/securefiles/REALLY-SECURE-TOKEN/filename Then write a handler that does something along these lines: use Apache2::RequestRec; use Apache2::RequestUtil; use Apache2::RequestIO; sub handler { my $r = shift; # Get the parts of the URI we are interested in my $uri = $r->uri; my $root = $r->location; $uri =~ s!^$root!!; # Strip off http://myhose.com/securefiles $uri =~ s!//!/!og; # Remove any double slashes $uri =~ s!^/!!o; # Remove the first slash # Now that we're left with just REALLY-SECURE-KEY/filename, # split it up my ( $secure_key, $filename ) = split( '/', $uri ); # Verify the secure key if( verify( $secure_key ) ) { $r->sendfile( $filename ); return( Apache2::Const::OK ); } else { return( Apache2::Const::FORBIDDEN ); } } } It would be configured as: <Location /securefiles> SetHandler modperl PerlResponseHandler YourHandlerNameHere </Location> You could also do this as an AuthHandler as was previously mentioned, but for something this simple I don't see much point in breaking it up unless you're going to use these secure keys for many different things. ------------------------------------------------------- Frank Wiles, Revolution Systems, LLC. Personal : [EMAIL PROTECTED] http://www.wiles.org Work : [EMAIL PROTECTED] http://www.revsys.com
