> -Original Message-
> From: Daniel Hutchison [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 17, 2000 3:49 PM
> To: [EMAIL PROTECTED]
> Subject: PerlAuthenHandler and DBI:
>
>
> While the behaviour seems correct from the browser, I am
> getting errors in
> the error_log that may
Todd Chapman <[EMAIL PROTECTED]> writes:
> Duh! Thanks.
>
> Now, is there any way to determine the realm the browser thinks it's
> authentication to? Is the realm stored in the Authorization header or any
> other headers?
>
I wouldn't try to use realms in any serious way- various browsers
do v
Duh! Thanks.
Now, is there any way to determine the realm the browser thinks it's
authentication to? Is the realm stored in the Authorization header or any
other headers?
-Todd
On Thu, 28 Sep 2000, Doug MacEachern wrote:
> On Thu, 28 Sep 2000, Todd Chapman wrote:
>
> >
> > Thanks Doug but I
On Thu, 28 Sep 2000, Todd Chapman wrote:
>
> Thanks Doug but I (and my customer) don't want to live on the CVS bleeding
> edge right now. Can you suggest something else?
yeah, add this to httpd.conf:
AuthType Basic
Thanks Doug but I (and my customer) don't want to live on the CVS bleeding
edge right now. Can you suggest something else?
Original problem:
I need to set the realm for virtual documents based on path_info and use
Basic authentication. Otherwise I may have to move to some cooie based
authentica
On Thu, 28 Sep 2000, Carlos Ramirez wrote:
> $r->auth_name($realm), $r->auth_type($basic) did not work for me, which
> is why I used the $r->header_out method. Also, after I set the outgoing
> header and returned AUTH_REQUIRED, I got prompted but the $realm did not
> show. Instead it displayed 'u
On Thu, 28 Sep 2000, Todd Chapman wrote:
>
> Thanks for the help Doug. This is what I have now but all I get is a
> segementation fault in the log.
> $r->note_basic_auth_failure;
if AuthType is not set, this will core dump. i just expanded the change
that defaults AuthType to Basic for ge
$r->auth_name($realm), $r->auth_type($basic) did not work for me, which
is why I used the $r->header_out method. Also, after I set the outgoing
header and returned AUTH_REQUIRED, I got prompted but the $realm did not
show. Instead it displayed 'unknown' as the realm name. But when I set
the $r->s
Thanks for the help Doug. This is what I have now but all I get is a
segementation fault in the log.
Any ideas?
-Todd
package Apache::SetRealm;
## Usage: PerlHeaderParserHandler Apache::SetRealm
use strict;
use Apache::Constants qw(:common);
sub handler {
my $r = shift;
# find the n
On Wed, 27 Sep 2000, Carlos Ramirez wrote:
> my $authheader = 'Basic realm="'.$realm.'"';
>
> $r->header_out("WWW-Authenticate" ,$authheader);
there's a cleaner way for that:
$r->auth_name($realm);
$r->note_basic_auth_failure;
> $r->status(AUTH_REQUIRED);
no need for that.
>
On Wed, 27 Sep 2000, Todd Chapman wrote:
>
> Problems with your suggestion:
>
> 1. The realm will not be known until I get path_info so
> directives will not work.
you can use $r->auth_name($realm) to set it at request time.
> 2. How can I get Perl to do the password lookup in the dynamical
Here's a simple handler that will set the AuthType and AuthName
dynamically and handle the authentication for you. This handler will
prompt you for a password when you try to acess /manual with the
AuthName, "The Manual" and prompt with the AuthName "The Icons" when you
try to access /icons. These
Please explain again how to get my AuthHandler called without setting
AuthName or AuthType in httpd.conf.
Thanks.
-Todd
On Wed, 27 Sep 2000, Carlos Ramirez wrote:
> By choosing to use your custom AuthHandler, you basically override Apache's way of
> handling the particular phase, in this case
By choosing to use your custom AuthHandler, you basically override Apache's
way of handling the particular phase, in this case the authentication phase.
So you must handle prompting the user and also checking the password.
You might want to read the Apache Guide (http://perl.apache.org/) on
how
Thanks for the help. I was hoping that Apache would check the password for
me but this should work.
Now, how do I get Apache to run my PerlAuthenHandler without setting the
AuthType or AuthName in httpd.conf?
Do I need to do the Authentication in a PerlHandler?
-Todd
On Wed, 27 Sep 2000, Carl
1. Oh, I mis-interpreted your question. I thought you already had a list
of virtual directories with the
AuthNames defined.
You can set the AuthName by sending them in the server response header
field:
WWW-Authenticate Basic $realm
So the first request to /companyA, you AuthHandler will respo
Problems with your suggestion:
1. The realm will not be known until I get path_info so
directives will not work.
2. How can I get Perl to do the password lookup in the dynamically
selected AuthUserFile?
Thanks for the help.
-Todd
On Wed, 27 Sep 2000, Carlos Ramirez wrote:
> You can you use
You can you use Location to specify seperate AuthUserFile's like so:
AuthType Basic
AuthName CompanyA
AuthUserFile path/to/CompanyAUsersFile
AuthType Basic
AuthName CompanyN
AuthUserFile path/to/CompanyNUsersFIle
Or you can write your own AuthHandler that lookups up AuthName, AuthUserF
I figured it out.
It was the dreaded permissions on the include directory.
thanks for the advise all.
Frank
>
>
>> -Original Message-
>> From: Frank Plunkett [mailto:[EMAIL PROTECTED]]
>> Sent: Monday, August 28, 2000 3:42 PM
>> To: [EMAIL PROTECTED]
>
> -Original Message-
> From: Frank Plunkett [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 28, 2000 3:42 PM
> To: [EMAIL PROTECTED]
> Subject: Re: PerlAuthenHandler invalid command
>
>
> Geoff
>I did build with perl Makefile.PL PERL_AUTHEN=1
>
&
> -Original Message-
> From: Stas Bekman [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 28, 2000 3:45 PM
> To: Geoffrey Young
> Cc: 'Frank Plunkett'; [EMAIL PROTECTED]
> Subject: RE: PerlAuthenHandler invalid command
>
>
> On Mon, 28 Aug 200
; From: Geoffrey Young <[EMAIL PROTECTED]>
> To: 'Frank Plunkett' <[EMAIL PROTECTED]>; [EMAIL PROTECTED]
> <[EMAIL PROTECTED]>
> Date: Monday, August 28, 2000 3:40 PM
> Subject: RE: PerlAuthenHandler invalid command
>
>
> >build mod
On Mon, 28 Aug 2000, Geoffrey Young wrote:
> build mod_perl with
>
> perl Makefile.PL EVERTHING=1
> or PERL_AUTHEN=1
EVERYTHING=1 of course :)
I don't think MakeMaker uses Soundex module yet :)
>
> HTH
>
> --Geoff
>
> > -Original Message-
> > From: Frank Plunkett [mailto:[EMAIL P
day, August 28, 2000 3:40 PM
Subject: RE: PerlAuthenHandler invalid command
>build mod_perl with
>
>perl Makefile.PL EVERTHING=1
>or PERL_AUTHEN=1
>
>HTH
>
>--Geoff
>
>> -Original Message-
>> From: Frank Plunkett [mailto:[EMAIL PROTECTED]]
>>
build mod_perl with
perl Makefile.PL EVERTHING=1
or PERL_AUTHEN=1
HTH
--Geoff
> -Original Message-
> From: Frank Plunkett [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 28, 2000 3:31 PM
> To: [EMAIL PROTECTED]
> Subject: PerlAuthenHandler invalid command
>
>
> Hi modperites,
>
[ previous discussion snipped ]
>httpd.conf or .htaccess (PerlModule hasta be in httpd.conf,
>from my experience)--
> PerlAccessHandler My::Auth::access_handler
> PerlSetVar Intranet "10.10.10.1 => userA, 10.10.10.2 => userB"
> PerlAuthenHandler My::Auth::authen_handler
>
> SO -- Stas, here's a coupla extra tweaks i think you should
> make so that cut/paste newbies (unlike me, of course) will
> have an easier time with this particular example on the next
> iteration:
It's corrected in the guide's cvs version! Thanks Will!
_
Stas Bekman replied:
> Argh, I wish I could always test every addition I have in the guide, some
> code goes untested as it was posted to the mod_perl or contributed by
> someone else. Then people come and use it, if something is wrong they send
> me a patch I fix it. I guess this is a similar sce
On Fri, 18 Aug 2000, will trillich wrote:
> thanks for your posts, guys!
>
> Eric Cholet replied:
> > > i copied the sample code from 'illustrated security scenarios'
> > > at http://perl.apache.org/guide/security.html nearly verbatim,
> > > (cut & paste + munge) changed '(*PASSED*)' to a simple
thanks for your posts, guys!
Eric Cholet replied:
> > i copied the sample code from 'illustrated security scenarios'
> > at http://perl.apache.org/guide/security.html nearly verbatim,
> > (cut & paste + munge) changed '(*PASSED*)' to a simple test
> > (moot, at this point) and inserted a few $r->
>> i canna get the PerlAuthenHandler to do ANYTHING. first
>> line of code after $r = shift is $r->warn() but nothing
>> shows up in the log. aaugh!
[snip]
>>
>> PerlAccessHandler Serensoft::Auth::access_handler
>> PerlSetVar Intranet "this => that"
>> PerlAuthenHand
> i canna get the PerlAuthenHandler to do ANYTHING. first
> line of code after $r = shift is $r->warn() but nothing
> shows up in the log. aaugh!
>
> i copied the sample code from 'illustrated security scenarios'
> at http://perl.apache.org/guide/security.html nearly verbatim,
> (cut & paste + m
On Wed, 21 Jun 2000, Geoffrey Young wrote:
>
> > On Wed, 21 Jun 2000, Blue wrote:
> >
> > > On Wed, 21 Jun 2000, J. J. Horner wrote:
> > >
>
> you might want to check out Apache::TicketAccess and the example of ticket
> based access in the eagle book if you decide move to form based verifica
> -Original Message-
> From: J. J. Horner [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 21, 2000 3:25 PM
> To: Blue
> Cc: [EMAIL PROTECTED]
> Subject: Re: PerlAuthenHandler and browsers
>
>
> On Wed, 21 Jun 2000, Blue wrote:
>
> > On
On Wed, 21 Jun 2000, Blue wrote:
> On Wed, 21 Jun 2000, J. J. Horner wrote:
>
> > For that reason, my handler can't rely on browsers to behave during the
> > Authentication phase. I am going to have to find a way to force a user to
> > input his password into the browser not using standard HTTP
On Wed, 21 Jun 2000, J. J. Horner wrote:
> For that reason, my handler can't rely on browsers to behave during the
> Authentication phase. I am going to have to find a way to force a user to
> input his password into the browser not using standard HTTP response
> codes.
Could you elaborate on t
When you installed mod_perl on the Stronghold server, did you indicate that
you wanted to install support for perl authentication handlers? (I think
adding PERL_AUTHEN=1 to the "perl Makefile.PL" command is the way to do
this.) Sorry to be so vague, but since I use "EVERYTHING=1" I really have
n
37 matches
Mail list logo
