Re: Unset PerlAuthenHandler (I wish)

2000-12-19 Thread darren chamberlain 

Jeff Sheffield ([EMAIL PROTECTED]) said something to this effect on 12/18/2000:
 here is a portion of my conf file.
 --
 Location /websites/foo.net/htdocs/
 
 AuthName "foo"
 AuthType Basic

*snip*

Are you sure you want a Location here? This looks like it should be a 
Directory section...

(darren)

-- 
The major difference between a thing that might go wrong and a thing that
cannot possibly go wrong is that when a thing that cannot possibly go wrong
goes wrong it usually turns out to be impossible to get at or repair.
-- Douglas Adams, 'Mostly Harmless'

Re: Unset PerlAuthenHandler (I wish)

2000-12-19 Thread Eric Cholet 

  Essentially I want to do this.
  Unset PerlAuthenHandler
 
 Try:
 
 LocationMatch /websites/foo.net/htdocs/passwd_forgoten/
   PerlInitHandler "sub {$_[0]-set_handlers(PerlAuthenHandler=undef);}"
 /LocationMatch

I think this should be: ... set_handlers(PerlAuthenHandler = [\OK]);

--
Eric

RE: Unset PerlAuthenHandler (I wish)

2000-12-19 Thread Chris Strom 

Removes all PerlAuthenHandlers:
  LocationMatch /websites/foo.net/htdocs/passwd_forgoten/
PerlInitHandler "sub 
 {$_[0]-set_handlers(PerlAuthenHandler=undef);}"
  /LocationMatch

Creates a single PerlAuthenHandler whose sole function is to return OK.
 I think this should be: ... set_handlers(PerlAuthenHandler = [\OK]);

Both work, but why set up a handler that does nothing?

Unset PerlAuthenHandler (I wish)

2000-12-18 Thread Jeff Sheffield 

Ok, essentially I want all but one directory on the
server to be password protected.
I want 1 directory to have the "I forgot my password"
functionality.

I am using Mason.
and setting SetHandler default-handler has undesired results.
i.e. mason files do not get parsed.
Essentially I want to do this.
Unset PerlAuthenHandler

here is a portion of my conf file.
--
AddType text/html .mhtm
FilesMatch ".*\.mhtm$"
SetHandler  perl-script
PerlHandler HTML::Mason
/FilesMatch 

Location /websites/foo.net/htdocs/

AuthName "foo"
AuthType Basic

PerlAuthenHandler Apache::AuthDBI::authen
PerlAuthenHandler Apache::AuthDBI::authz

PerlSetVar Auth_DBI_data_source
dbi:mysql:database=foo_external_site;host=localhost;port=3306
PerlSetVar Auth_DBI_username  jsheffie
PerlSetVar Auth_DBI_password  fooo
# DBI-connect($data_source, $username, $password)

PerlSetVar Auth_DBI_pwd_table users
PerlSetVar Auth_DBI_uid_field user_id
PerlSetVar Auth_DBI_pwd_field password
PerlSetVar Auth_DBI_grp_field groups
#SELECT pwd_field FROM pwd_table WHERE uid_field=$user

require valid-user

ErrorDocument 401
/websites/foo.net/htdocs/passwd_forgoten/
/Location

Location /websites/foo.net/htdocs/passwd_forgoten/
   SetHandler default-handler
/Location
-
Any ideas..??

Thanks, 
Jeff

---
| 7.6.2.1.  Configuring /etc/diphosts |
| |
| (taken from the Linux Networking-HOWTO) |
---
| Jeff Sheffield  |
| [EMAIL PROTECTED]  |
| AIM=JeffShef|
---

Re: Unset PerlAuthenHandler (I wish)

2000-12-18 Thread Jim Winstead 

On Dec 18, Jeff Sheffield wrote:
 Ok, essentially I want all but one directory on the
 server to be password protected.
 I want 1 directory to have the "I forgot my password"
 functionality.
 
 I am using Mason.
 and setting SetHandler default-handler has undesired results.
 i.e. mason files do not get parsed.
 Essentially I want to do this.
 Unset PerlAuthenHandler

well, not really, because that would still fail, since you "require
valid-user".

you can do it with this:

Location /websites/foo.net/htdocs/passwd_forgoten/
  order allow,deny
  allow from all
  satisfy any
/Location

check the apache docs (http://httpd.apache.org/docs/) for
more on 'require' and 'satisfy'.

jim

RE: Unset PerlAuthenHandler (I wish)

2000-12-18 Thread Jesse Erlbaum 

Hey Jeff --

For that same situation, I've rolled my own Authz handler which provides a
"require nothing" directive.  In my Authz handlers, if you put "require
nothing" in your .htaccess file, all requests will be Authorized.  This is
essential for things like the login screen, etc.

Rolling your own Authz handler is usually not that tough, but it has been a
while since I've looked at the CPAN offerings.  I see that AuthDBI appears
to have some sort of caching, which is essential for performance, and
non-trivial to implement properly.  What you need is a Authz handler which
is extensible, so that it can support your own methods.  Or at least support
a "require nothing" type of directive.

The functionality I described would be roughly the equivalent of patching
AuthDBI.pm as follows (NOTE: This is a COMPLETELY untested, undocumented,
and probably ill-conceived patch!):

START

*** AuthDBI.pm  Tue Sep 28 12:17:32 1999
--- AuthDBI.pm.jesseMon Dec 18 18:45:26 2000
***
*** 475,481 
  $user_requirements .= " $val";
  } elsif ($val =~ s/^group\s+//go) {
  $group_requirements .= " $val";
! }
  }
  $user_requirements  =~ s/^ //go;
  $group_requirements =~ s/^ //go;
--- 475,484 
  $user_requirements .= " $val";
  } elsif ($val =~ s/^group\s+//go) {
  $group_requirements .= " $val";
! } elsif ($val =~ /^nothing$/) {
! # Get out quick if we don't require anything.
! return OK;
!   }
  }
  $user_requirements  =~ s/^ //go;
  $group_requirements =~ s/^ //go;

END


TTYL,

-Jesse-


--

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  Jesse Erlbaum ... CTO
  [EMAIL PROTECTED] . Vanguard Media
  v: 212.242.5317 x115 .. New York City
+-+-+-+-+-+- http://www.vm.com/ +-+-+-+-+-+-+



 -Original Message-
 From: Jeff Sheffield [mailto:[EMAIL PROTECTED]]
 Sent: Monday, December 18, 2000 5:54 PM
 To: [EMAIL PROTECTED]
 Subject: Unset PerlAuthenHandler (I wish)
 
 
 Ok, essentially I want all but one directory on the
 server to be password protected.
 I want 1 directory to have the "I forgot my password"
 functionality.

 Any ideas..??