"Rob Bloodgood" <[EMAIL PROTECTED]> writes:
> So I finally decided to plunge into AuthCookie*, and settled on
> AuthCookieDBI cuz it's pretty complete, and meets my environment, and I
> don't have to subclass it to even try it.
>
> DAMN what a *****!
>
> Oh, mostly it's an EXCELLENT module.
>
> Mostly.
>
> For starters, as verbose as the docs are, they aren't as clear as one would
> hope. HOWEVER I finally got it to where everything LOOKS right, but I still
> have no go.
>
> As I delved into the problem, I found the following:
>
> The module has a BEGIN {} block that reads the server config for parameters
> of the form
> PerlSetVar MyRealmSecretKeyFile "/etc/httpd/conf/secretkeyfile.txt"
>
> into the module global hash %SECRET_KEYS
>
> and the docs recommend it be
> -rw------- root root
>
> so that it's only readable on server startup.
>
> HOWEVER, whenever the module is actually invoked, %SECRET_KEYS is empty!
>
I discovered the same thing. I think the problem is that the BEGIN
block as written, only considers parameters defined in the *main
server*. So if you have any PerlSetVar in a Virtual Server, it will
not be found.
A kludgy workaround is to move the PerlSetVar out of any Virtual
Server sections. A better option is to reimplement the mechanism for
populating the SECRET_KEYS hash, so that Virtual Servers are handled
properly.
--
Vegard Vesterheim : Phone: +47 73593002
Runit AS : Fax: +47 73591700
N-7465 Trondheim, NORWAY : Email: [EMAIL PROTECTED]