Maintainer timeout, so I'm sending this to the list. :-/
A tarball is also available at:
http://wagner.elixus.org/~autrijus/Apache-AuthenURL-0.9-autrijus.tar.gzThanks, /Autrijus/
--- Begin Message ---The patch below brings AuthenURL to work with ModPerl2; also added is the capability to POST the incoming URI (as well as auth info) into the LWP request. I'd appreciate if it can be made into the next version of Apache::AuthenURL. Thanks, /Autrijus/ --- AuthenURL.pm (revision 40) +++ AuthenURL.pm (local) @@ -1,11 +1,30 @@ # $Id: AuthenURL.pm,v 0.10 2003/11/04 15:47:13 jdg117 Exp $ package Apache::AuthenURL; use strict; -use Apache(); -use Apache::Constants qw(OK SERVER_ERROR AUTH_REQUIRED); + use LWP::UserAgent; use vars qw($VERSION); +BEGIN { local $@; eval { require Apache2; } } + +use mod_perl; +use constant MP2 => ($mod_perl::VERSION >= 1.99); +use constant OK => 0; +use constant SERVER_ERROR => 500; +use constant AUTH_REQUIRED => 401; + +if (MP2) { + require Apache::Access; + require Apache::Connection; + require Apache::Log; + require Apache::RequestRec; + require Apache::RequestUtil; +} +else { + require Apache::ModuleConfig; + require Apache::Constants; +} + my $prefix = "Apache::AuthenURL"; $VERSION = '0.9'; @@ -31,20 +50,22 @@ sub check { my($r, $attr) = @_; + return undef unless defined($r); + my($res, $sent_pwd); ($res, $sent_pwd) = $r->get_basic_auth_pw; return $res if $res; #decline if not Basic - my $user = $r->connection->user; - my $passwd; + my $user = (MP2) ? $r->user : $r->connection->user; + my $uri = $r->uri; unless ( $attr->{method} ) { - $r->warn("$prefix is missing the METHOD (defaulting to GET) for URI: " . $r->uri); + $r->warn("$prefix is missing the METHOD (defaulting to GET) for URI: " . $uri); $attr->{method} = "GET"; } unless ( $attr->{url} ) { - $r->log_reason("$prefix is missing the URL", $r->uri); + $r->log_error("$prefix is missing the URL for $uri"); return SERVER_ERROR; } @@ -55,14 +76,27 @@ $lwp_ua->use_alarm(0); my $lwp_req = new HTTP::Request $attr->{method} => $attr->{url}; unless( defined $lwp_req ) { - $r->log_reason("LWP failed to use METHOD: " . $attr->{method} . " to connect to URL: ".$attr->{url}, $r->uri); + $r->log_error("LWP failed to use METHOD: " . $attr->{method} . " to connect to URL: ".$attr->{url}); return SERVER_ERROR; } $lwp_req->authorization_basic($user, $sent_pwd); + + if ($attr->{method} eq 'POST') { + $lwp_req->header('Content-Type' => 'application/x-www-form-urlencoded'); + + require URI; + my $url = URI->new('http:'); + $url->query_form(user => $user, password => $sent_pwd, uri => $uri); + + my $content = $url->query; + $lwp_req->header('Content-Length' => length($content)); + $lwp_req->content($content); + } + my $lwp_res = $lwp_ua->request($lwp_req); unless( $lwp_res->is_success ) { - $r->log_reason("LWP user $user: " . $attr->{url} . $lwp_res->status_line, $r->uri); + $r->log_error("LWP user $user: $attr->{url} fails with ".$lwp_res->status_line)."for $uri"; $r->note_basic_auth_failure; return AUTH_REQUIRED; } @@ -83,7 +117,7 @@ #in .htaccess AuthName MyHTTPAuth AuthType Basic - PerlAuthenHandler Apache::AuthenCache Apache::AuthenURL::handler Apache::AuthenCache::manage_cache + PerlAuthenHandler Apache::AuthenCache Apache::AuthenURL Apache::AuthenCache::manage_cache PerlSetVar AuthenURL_method HEAD # a valid LWP method PerlSetVar AuthenURL_url https://somehost @@ -99,6 +133,12 @@ I wrote this module to work around the lack of DCE support for Solaris x86. DCE authentication in my application is handled using Gradient's DCE plug-in for Netscape Enterprise Server. The request is encrypted using SSL. + +=head1 NOTES + +If C<AuthenURL_method> is set to C<POST>, the request is sent with three +parameters: C<user>, C<password> and C<uri>, in addition to the basic +authentication headers common to all methods. =head1 ACKNOWLEDGEMENTS
pgpveq2WZAFa1.pgp
Description: PGP signature
--- End Message ---
pgpv8KolncJZw.pgp
Description: PGP signature
