So I finally decided to plunge into AuthCookie*, and settled on
AuthCookieDBI cuz it's pretty complete, and meets my environment, and I
don't have to subclass it to even try it.

DAMN what a *****!

Oh, mostly it's an EXCELLENT module.

Mostly.

For starters, as verbose as the docs are, they aren't as clear as one would
hope.  HOWEVER I finally got it to where everything LOOKS right, but I still
have no go.

As I delved into the problem, I found the following:

The module has a BEGIN {} block that reads the server config for parameters
of the form
PerlSetVar MyRealmSecretKeyFile "/etc/httpd/conf/secretkeyfile.txt"

into the module global hash %SECRET_KEYS

and the docs recommend it be
-rw------- root root

so that it's only readable on server startup.

HOWEVER, whenever the module is actually invoked, %SECRET_KEYS is empty!

Here's the BEGIN{} block:
BEGIN {
        my @keyfile_vars = grep {
                $_ =~ /DBI_SecretKeyFile$/
        } keys %{ Apache->server->dir_config() };
        foreach my $keyfile_var ( @keyfile_vars ) {
                my $keyfile = Apache->server->dir_config( $keyfile_var );
                my $auth_name = $keyfile_var;
                $auth_name =~ s/DBI_SecretKeyFile$//;
                unless ( open( KEY, "<$keyfile" ) ) {
                    Apache::log_error( "Could not open keyfile for $auth_name in file $keyfile" );
                } else {
                        $SECRET_KEYS{ $auth_name } = <KEY>;
                        close KEY;
                }
        }
}

My temporary solution was to patch the handlers to understand a new
PerlSetVar:

        # Get the secret key.
        my $secret_key = $SECRET_KEYS{ $auth_name };
        unless ( defined $secret_key ) {
+           if (not defined ($SECRET_KEYS{ $auth_name } =
+                       _dir_config_var($r, 'DBI_SecretKeyFile'))) {
                $r->log_reason( "Apache::AuthCookieDBI: didn't the secret key from for
auth realm $auth_name", $r->uri );
                return undef;
+           } else {
+               $secret_key = $SECRET_KEYS{ $auth_name };
            }
        }
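
Review bot: the added assignment `$SECRET_KEYS{ $auth_name } = _dir_config_var($r, 'DBI_SecretKeyFile')` stores the PerlSetVar value itself as the secret key, while the BEGIN block treats that same variable as a file name that it opens and reads one line from. Assuming _dir_config_var returns the raw PerlSetVar value, the realm ends up keyed with the path string, which is a guessable value rather than a secret. Suggest either a distinctly named variable if the key is meant to be given inline, or opening and reading the file at this point, keeping in mind that a file that is -rw------- root root is only readable at server startup, so a read from a request handler would need different ownership. The log_reason text "didn't the secret key from for" is also missing a word.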

But this seems crufty.
What I'd prefer to do is fix the init section so that it works.  I can't
find anything in the mod_perl docs or the Guide that helps.

Suggestions??

TIA

L8r,
Rob

#!/usr/bin/perl -w
use Disclaimer qw/:standard/;
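
Added example, not part of the original post or of Apache::AuthCookieDBI: a stand-alone Perl loader that does the same scan as the BEGIN block above but reports the cases that block passes over without logging (no matching variable, loose file permissions, empty key). The load_secret_keys name, the plain hash standing in for Apache->server->dir_config(), the MyRealmDBI_SecretKeyFile variable and the temp key file are assumptions constructed for illustration.

```perl
use strict;
use warnings;
use Fcntl qw(:mode);
use File::Temp qw(tempfile);
# Hypothetical helper, not part of Apache::AuthCookieDBI. $config stands in for
# Apache->server->dir_config(); $owner is the required file owner uid (0 = root).
sub load_secret_keys {
    my ($config, $owner) = @_;
    my (%keys, @problems);
    my @vars = grep { /DBI_SecretKeyFile$/ } sort keys %$config;
    # The BEGIN block logs nothing in this case and leaves the hash empty.
    push @problems, "no *DBI_SecretKeyFile variable visible" unless @vars;
    for my $var (@vars) {
        (my $auth_name = $var) =~ s/DBI_SecretKeyFile$//;
        my $file = $config->{$var};
        my $fh;
        unless (open $fh, '<', $file) {    # 3-arg open, lexical handle
            push @problems, "$auth_name: cannot open $file: $!";
            next;
        }
        my @st  = stat $fh;                # stat the handle that was opened
        my $key = <$fh>;
        close $fh;
        if ($st[4] != $owner) {
            push @problems, "$auth_name: $file not owned by uid $owner";
        } elsif (S_IMODE($st[2]) & 077) {
            push @problems, sprintf "%s: %s mode %04o is group/world accessible",
                $auth_name, $file, S_IMODE($st[2]);
        } elsif (!defined $key or $key !~ /\S/) {
            push @problems, "$auth_name: $file has no key on its first line";
        } else {
            chomp $key;                    # drop the newline that <KEY> keeps
            $keys{$auth_name} = $key;
        }
    }
    return (\%keys, \@problems);
}

# Constructed sample: a temp file plays the role of the secret key file.
my ($tmp, $path) = tempfile(UNLINK => 1);
print {$tmp} "constructed-sample-key\n";
close $tmp;
my %conf = (MyRealmDBI_SecretKeyFile => $path);
for my $case ([0600, \%conf], [0644, \%conf], [0600, {}]) {
    chmod $case->[0], $path or die "chmod: $!";
    my ($keys, $problems) = load_secret_keys($case->[1], $>);
    printf "%04o keys=[%s] problems=[%s]\n", $case->[0],
        join(',', sort keys %$keys), join('; ', @$problems);
}
```

The demo passes the effective uid ($>) as the expected owner so it runs unprivileged; a real startup check would pass 0.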
