-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday 05 April 2003 00:10, Kruse, Matt wrote:
> For every request to Apache:
> 1. Parse the cookie coming in via the request header
> 2. Pull out each value (ex: NAME=bob;TITLE=boss)
> 3. Convert them to HTTP Request Headers
> 4. Pass the request on to the requested resource (a script of some
> sort)
You'd need to write PerlHeaderParserHandler for that.
> So, if I have a cookie like: NAME=bob;TITLE=boss
> My program would then see the following headers in the request:
> HTTP_NAME=bob
> HTTP_TITLE=boss
Why name NAME to HTTP_NAME? Or do you want the cookie content to appear
in subprocess environment (which has similar naming convention), like
other server variables?
> This will help me simulate a Single-Sign-On situation where the
> authentication handler passes all authenticated user information to
> the resource via headers.
>
> Can anyone help me by either:
> 1. Giving an outline of what handlers I would want to use, and how
> I can write request headers with them
> or
The header parse phase would be ideal, since you're parsing headers.
PerlInitHandler is an alias PerlHeaderParserHandler in .htaccess files.
> 2. Writing some sample code :)
package Your::SSOHandler;
use strict;
use Apache::Constants qw(:common);
use Apache::Cookie;
sub handler {
my $r = shift;
my $in = $r->headers_in;
return DECLINED unless $in->{'Cookie'};
my $cookies = Apache::Cookie->parse($in->{'Cookie'});
return DECLINED unless $cookies{'YourAuthenticationCookie'};
my %values = $cookies{'YourAuthenticationCookie'}->value;
my $env = $r->subprocess_env;
while (my ($key, $value) = each %values) {
my $h_key = 'HTTP_' . uc($key);
$in->{$h_key} = $value;
$env->{$h_key} = $value;
}
return OK;
}
1;
in httpd.conf (or .htaccess), put the following line where approppriate:
PerlModule Your::SSOHandler
PerlHeaderParserHandler Your::SSOHandler
Or something like that. Cutting and pasting may cause parse errors on
incompatible windowing environments :)
> NOTES:
> 1. I'm running Apache 2.0 and mod_perl 2 right now, but I can bump
> it down if required
I don't know much about the differences in mod_perl 1 vs 2. These
handlers work at least for Apache/mod_perl 1.
> 2. I've already used mod_headers to simulate this, but
> unfortunately that isn't dynamic enough for testing, ie, I need to
> change httpd.conf and re-start the server to test different header
> scenarios.
For testing you could make the handler module stat and evaluate contents
of an external Perl file. Put your code on the file to be evaluated,
and avoid restarts.
Or simply sending SIGUSR1 to the Apache parent process should be enough
for it to restart child processes and reread configuration.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE+jp7eWD8Ca88cV68RAuBAAJ9u0KWd2bAsHrYes/DXtareCYi00gCgkIEC
o8OTRNmghIHRUhJZAqX+gbs=
=YCIq
-----END PGP SIGNATURE-----
