While trying to get mod_auth_pgsql-2.0.2b1 to work with 22 April CVS-httpd, I found that the reason I could not authenticate against a postgresql server was that mod_auth_pgsql received an empty user field in the request structure. Strangely, it received the correct password from the server.. How can this be?
In more detail: AuthType basic AuthBasicAuthoritative Off Auth_PG... so, basic auth assumes that its provider is "file", a line appears in the error log saying that file is null. Fine, it isn't authoritative, so it is mod_auth_pgsql's turn: static void register_hooks(apr_pool_t * p) { ap_hook_post_config(pg_auth_init_handler, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_auth_checker(pg_check_auth, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_check_user_id(pg_authenticate_basic_user, NULL, NULL, APR_HOOK_MIDDLE); }; int pg_authenticate_basic_user(request_rec * r) BUT r->user==NULL. Somehow if ((res = ap_get_basic_auth_pw(r, (const char **) &sent_pw))) return res; sent_pw contains the correct password. So, what happens to r->user as it gets passed between modules? Style point: should mod_pgsql be a provider (ap_register_provider) rather than using hooks? Cheers, Patrick