System:
Solaris 2.6
Apache 1.3.9/mod_perl 1.19/gcc 2.8.1/perl-5.004.04
I'm using SecurID to authenticate for an Apache proxy server. I've
written a little perl module that uses a username/tokencode returned by
basic auth to validate a user and return a session cookie. The SecurID
auth works fine and I'm able to generate a cookie for the user.
The problem is, I can't get the module to return the cookie to the browser
before the proxy request is completed.
Initially, I tried:
[...SecurID auth...]
$r -> header_out('Set-Cookie' => $cookie);
return OK;
That didn't seem to work (no cookie in the snoops, Netscape has no
knowledge of it). So, I turned to sending back a redirect instead:
[...SecurID auth...]
my $req_uri = Apache::URI->parse($r, $r ->uri);
$r -> header_out('Location' => $req_uri);
$r -> header_out('Set-Cookie' => $cookie);
return REDIRECT;
Before any of this, I tried the TicketAccess example from the mod_perl
O'Reilly book but the circular nature of authenticating a proxy rendered
that unworkable.
My current solution is so close--I just need to get that cookie to the
browser and have it returned on each subsequent proxy request. What am I
doing wrong?
Thanks!
Wyman Miles
Systems Administrator, Rice University, Texas.
(713) 737-5827, e-mail:[EMAIL PROTECTED], pager:[EMAIL PROTECTED]
