While trying to get mod_auth_pgsql-2.0.2b1 to work with 22 April CVS-httpd,
I found that the reason I could not authenticate against a postgresql
server was that mod_auth_pgsql received an empty user field in the
request structure. Strangely, it received the correct password from the
server.. How can this be?
In more detail:
AuthType basic
AuthBasicAuthoritative Off
Auth_PG...
so, basic auth assumes that its provider is "file", a line appears in the
error log saying that file is null. Fine, it isn't authoritative, so
it is mod_auth_pgsql's turn:
static void register_hooks(apr_pool_t * p)
{
ap_hook_post_config(pg_auth_init_handler, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_auth_checker(pg_check_auth, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_check_user_id(pg_authenticate_basic_user, NULL, NULL,
APR_HOOK_MIDDLE);
};
int pg_authenticate_basic_user(request_rec * r)
BUT r->user==NULL. Somehow
if ((res = ap_get_basic_auth_pw(r, (const char **) &sent_pw)))
return res;
sent_pw contains the correct password.
So, what happens to r->user as it gets passed between modules?
Style point: should mod_pgsql be a provider (ap_register_provider) rather
than using hooks?
Cheers,
Patrick
