Re: Problems with cookies in Apache::AuthCookie
Charles Day wrote: key line must come first. I used Portal instead of your PrisInformasjon, but you get the idea. I tried that, but it made no difference. I must be doing something wrong. I have now tried with a very similar setup on my linux box with apache 1.3.22, mod_perl 1.26 and all other modules fully up to date. No success. I rewrote my login-script to use plain perl instead of embperl. No success. Any other ideas? What should I get with lwp-request? I currently get this: HTML HEADTITLEAn Error Occurred/TITLE/HEAD BODY H1An Error Occurred/h1 403 Forbidden /BODY /HTML I thought I should get the login-script output here? In a browser this seemmingly works. How can I test the redirect/cookie stuff? # key line must come first PerlSetVar PortalDBI_SecretKeyFile /somewhere/secured.key PerlModule Apache::AuthCookieDBI PerlSetVar PortalPath / PerlSetVar PortalLoginScript /login.pl PerlSetVar AuthCookieDebug 1 PerlSetVar PortalDomain .mydomain.com PerlSetVar PortalDBI_DSN 'dbi:Pg:host=someserver port=5432 dbname=somedb' PerlSetVar PortalDBI_User username PerlSetVar PortalDBI_Password ** PerlSetVar PortalDBI_UsersTable table PerlSetVar PortalDBI_UserField userid PerlSetVar PortalDBI_PasswordField passwd PerlSetVar PortalDBI_SessionLifeTime 00-12-00-00 FilesMatch \.pl AuthType Apache::AuthCookieDBI AuthName Portal SetHandler perl-script PerlHandler Apache::Registry Options +ExecCGI PerlSendHeader On /FilesMatch # login.pl Files LOGIN AuthType Apache::AuthCookieDBI AuthName Portal SetHandler perl-script PerlHandler Apache::AuthCookieDBI-login /Files # website. Directory /home/httpd/html/secured PerlSetVar PortalDomain .mydomain.com PerlSetVar PortalLoginScript /login.pl AuthType Apache::AuthCookieDBI AuthName Portal PerlAuthenHandler Apache::AuthCookieDBI-authenticate PerlAuthzHandler Apache::AuthCookieDBI-authorize require valid-user /Directory Here are the relevant parts (I think) from httpd.conf: PerlSetVar PrisInformasjonPath / PerlSetVar PrisInformasjonLoginScript /wwwappl/login.epl PerlSetVar PrisInformasjonDomain .tollpost.no PerlSetVar PrisInformasjonDBI_DSN DBI:Informix:testogj1 PerlSetVar PrisInformasjonDBI_SecretKeyFile /etc/opt/apache/secret.key PerlSetVar PrisInformasjonDBI_UserField username PerlSetVar AuthCookieDebug 3 PerlModule Apache::AuthCookieDBI Directory /opt/www/tgweb/protected/ AuthType Apache::AuthCookieDBI AuthName PrisInformasjon PerlAuthenHandler Apache::AuthCookieDBI-authenticate PerlAuthzHandler Apache::AuthCookieDBI-authorize require valid-user /Directory Files LOGIN AuthType Apache::AuthCookieDBI AuthName PrisInformasjon SetHandler perl-script PerlHandler Apache::AuthCookieDBI-login /Files -- Øyvind ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. (mailto:[EMAIL PROTECTED]) This footnote also confirms that this email message has been swept by viruscheckers for the presence of computer viruses. **
Problems with cookies in Apache::AuthCookie
I'm trying to get Apache::AuthCookie and Apache::AuthCookieDBI to work. However it seems like I can't set any cookies. I have cookies enabled in my browser (with warnings), but I can't read the cookie after the redirect from the login-script. I'm pretty sure the cookie is never sent to the browser. How can I check if the redirect is happening? Here is the log with AuthCookieDebug set to 3: [Fri Jan 4 14:23:46 2002] [error] credential_0 ogj [Fri Jan 4 14:23:46 2002] [error] credential_1 xxx [Fri Jan 4 14:23:46 2002] [error] ses_key ogj:2002-01-04-14-23-46:2002-01-05-14 -23-46:54f7553ccb96d3af70abe449f053ee3d [Fri Jan 4 14:23:46 2002] [error] auth_type Apache::AuthCookieDBI [Fri Jan 4 14:23:46 2002] [error] auth_name PrisInformasjon [Fri Jan 4 14:23:46 2002] [error] ses_key_cookie [Fri Jan 4 14:23:46 2002] [error] uri /tgweb/protected/index.html I get a ses_key, but no value in ses_key_cookie. I tried to dump all headers to the log, but there were no signs of any cookie-related things. I must admit that I don't quite understand how the setting of WhatEverPath (in my case PrisInformasjonPath) relates to the rest of my configuration. Btw: is setting a cookie and then doing a redirect safe with all browsers (at least those with cookies turned on)? Using AuthCookie 3.00 and AuthCookieDBI 1.18, mod_perl 1.25, perl 5.005_03 under Apache 1.3.19, HP-UX 10.20. Currently testing with Mozilla 1.9.6, Linux. Thanks, -- Øyvind ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. (mailto:[EMAIL PROTECTED]) This footnote also confirms that this email message has been swept by viruscheckers for the presence of computer viruses. **
Re: Problems with cookies in Apache::AuthCookie
Øyvind Gjerstad wrote: Geoffrey Young wrote: [Fri Jan 4 14:23:46 2002] [error] credential_0 ogj [Fri Jan 4 14:23:46 2002] [error] credential_1 xxx [Fri Jan 4 14:23:46 2002] [error] ses_key ogj:2002-01-04-14-23-46:2002-01-05-14 -23-46:54f7553ccb96d3af70abe449f053ee3d [Fri Jan 4 14:23:46 2002] [error] auth_type Apache::AuthCookieDBI the AuthType setting should be the name of the class that inherits from Apache::AuthCookie (or Apache::AuthCookieDBI I suppose, I've never used it) for instance PerlSetVar PrisInformasjonPath / PerlSetVar PrisInformasjonLoginScript /login.html PerlSetVar AuthCookieDebug 3 Location /tgweb/protected AuthType PrisInformasjon::Authenticate AuthName PrisInformasjon PerlAuthenHandler PrisInformasjon::Authenticate-authenticate Require vaild-user Hmm. I thought I didn't need to subclass AuthCookieDBI. I thought that I should be able to just configure that to authenticate to a database (that part works, as far as I can tell), and write a login-script (which I have done). ah, you are right. I don't use Apache::AuthCookieDBI, and apparently it works slightly differently from Apache::AuthCookie. anyway, CC'd to the list so perhaps someone more familiar can see your httpd.conf --Geoff Here are the relevant parts (I think) from httpd.conf: PerlSetVar PrisInformasjonPath / PerlSetVar PrisInformasjonLoginScript /wwwappl/login.epl PerlSetVar PrisInformasjonDomain .tollpost.no PerlSetVar PrisInformasjonDBI_DSN DBI:Informix:testogj1 PerlSetVar PrisInformasjonDBI_SecretKeyFile /etc/opt/apache/secret.key PerlSetVar PrisInformasjonDBI_UserField username PerlSetVar AuthCookieDebug 3 PerlModule Apache::AuthCookieDBI Directory /opt/www/tgweb/protected/ AuthType Apache::AuthCookieDBI AuthName PrisInformasjon PerlAuthenHandler Apache::AuthCookieDBI-authenticate PerlAuthzHandler Apache::AuthCookieDBI-authorize require valid-user /Directory Files LOGIN AuthType Apache::AuthCookieDBI AuthName PrisInformasjon SetHandler perl-script PerlHandler Apache::AuthCookieDBI-login /Files [Fri Jan 4 14:23:46 2002] [error] auth_name PrisInformasjon [Fri Jan 4 14:23:46 2002] [error] ses_key_cookie [Fri Jan 4 14:23:46 2002] [error] uri /tgweb/protected/index.html -- Øyvind ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. (mailto:[EMAIL PROTECTED]) This footnote also confirms that this email message has been swept by viruscheckers for the presence of computer viruses. **