Hello The short version:
How can I force my mod_perl Authen-handler to run after mod_auth and not before it? The long version: I have been trying to do some clever things using a combination of mod_auth with Authen-handlers in mod_perl2 (v1.99.07-1) and apache 2. The actual implementation is not really important, but for reference see [1]. The handler should count the number of failed retries for each user and then do take appropriate action (for instance, ban the user or log info to a file). My approach is to have a perl-handler run right *after* mod_auth when mod_auth has decided the supplied uid/password did not match [2] I have no problems creating a plain authentication handler in mod_perl, but after trying and trying lots of combinations with perl-handlers I am struggling to get my handler to run *after* mod_auth. Like this: <Location /secure/> # AuthAuthoritative Off AuthUserFile /tmp/htpasswd AuthType Basic AuthName "Secrets" Require valid-user PerlAuthenHandler MyApache::AuthenTest </Location> No matter how I configure AuthenTest, it will always run right before mod_auth! Any ideas how do do this, or for that matter, if there is another approach that is better. /Regards Martin [2] http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=be0i9b%2411n3fm%241%40ID-156202.news.dfncis.de [1] I realize there may be issues with HTTP_UNAUTHORIZED causing apache to abort the chain (according to docs anyway), but that can be handled by patching auth_mod if needed.