Skylos wrote:
Trying to migrate an application to mod_perl under apache 2.2 but my custom auth handlers are blowing up on failure to understand '$r->requires' method. The best I can make of it is that apache 2.2 revamped the auth system requiring the definition of providers (like 'group' allowing the 'Require group xxxx' directive in the config file.It seems then that I need to define my own authentication provider... perl-group? mycustomauth-group, so i can say Require mycustomauthgroup admin Thus get the proper ->requires information during the authorization phase for checking? David PS: I apologize for not being able to derive this answer from my search and browsing of the mailing list archives if the answer is in there. I found some that seemed exactly related to this issue under topic mp 2.0.3 make test fails against httpd trunk: Has authorisation changed since httpd 2.2 ? but was unable to find anything about actually defining these authorization providers...
Hi.This is not really an answer to your question, but I felt it might help anyway, only to allow you to sleep better.. I also wrote my own authentication framework for Apache/mod_perl (using Apache2::AuthCookie as base, many thanks to the author and maintainers), and I do not recall having had to do any major surgery to it between 2.0 and 2.2 (2.4 may be another matter though). In any case, I am sure that the "group" aspect is not needed, because I don't do that at all and my stuff still works fine.
So, while I'm not the ultimate expert, I would think that whatever you may have to do is probably less major than what you are hinting at above.
HTH.
P.S. check the code for Apache2::AuthCookie for many tips (sub authorize{}).
I am using its get_statisfy() and satisfy_is_valid() subs.
And I only use "require user xxx" or "require valid user" in the Apache config.
