Hi again everybody,
I have the following interesting (I hope ;-) requirement. Sorry for this
rather long posting.
(mod_perl 1, Apache 1.3.27)
I have a custom authentication & authorization handler of mine which is the
king in a protected directory (and its subdirectories):
PerlModule MyModules::Module1
<Directory /usr/local/apache1/protected>
SetHandler perl-script
PerlHandler MyModules::Module1
PerlSendHeader Off
</Directory>
Then, for some users that I authenticate as SuperUsers, I should allow the
execution of the administrative .cgi scripts in a subdir of this
dir(/usr/local/apache1/ssl/protected/admin).
(One solution would be to integrate the cgi-s logic into my handler but
let's say want to leave them as simple CGI scripts.)
I tried to use the Apache::PerlRun in the subdir like this:
PerlModule Apache::PerlRun
<Directory /usr/local/apache1/protected/admin>
SetHandler perl-script
PerlHandler Apache::PerlRun
PerlSendHeader On
Options ExecCGI
</Directory>
I tried also:
<Directory /usr/local/apache1/ssl/protected/admin>
SetHandler cgi-script
Options +ExecCGI
</Directory>
The problem is it allows anybody to execute the cgi's since it's not going
through my handler anymore (a "warn ..." statement inserted in my handler
shows it's not executed when requesting /protected/admin/* files.)
More generally: "how can I dynamically change a directory's handler during
the same phase"
I was thinking about using dynamic stacked handlers, something like: if the
user is allowed in the admin section, my handler should push the cgi-script
handler in the line of execution. However, the documentation says about
stacking more custom created handlers and not those coming with Apache so
I'm not sure how to do it.
Thanks for your time,
Lian Sebe, M.Sc.
Freelance Analyst-Programmer
www.programEz.net
