Hi, I'm in the happy position of finding myself a solution to my problem. Here it is for anyone interested ...
PerlModule MyModules::Module1 <Directory /usr/local/apache1/protected> SetHandler perl-script PerlHandler MyModules::Module1 PerlSendHeader Off </Directory> PerlModule Apache::PerlRun <Directory /usr/local/apache1/protected/admin/> SetHandler perl-script PerlHandler MyModules::Module1 Apache::PerlRun Options +ExecCGI </Directory> And then, inside my handler, when I decide the users are alowed to run scripts from the /admin directory I let them through by returning DECLINE, if not I print an error page and return DONE to skip the second handler in this phase. Thanks anyway, Lian Sebe, M.Sc. Freelance Analyst-Programmer www.programEz.net > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 06, 2003 2:33 PM > To: [EMAIL PROTECTED] > Subject: ModPerl - CGI in the same request phase > > > Hi again everybody, > > I have the following interesting (I hope ;-) requirement. Sorry for this > rather long posting. > (mod_perl 1, Apache 1.3.27) > > I have a custom authentication & authorization handler of mine > which is the > king in a protected directory (and its subdirectories): > > PerlModule MyModules::Module1 > <Directory /usr/local/apache1/protected> > SetHandler perl-script > PerlHandler MyModules::Module1 > PerlSendHeader Off > </Directory> > > Then, for some users that I authenticate as SuperUsers, I should allow the > execution of the administrative .cgi scripts in a subdir of this > dir(/usr/local/apache1/ssl/protected/admin). > > (One solution would be to integrate the cgi-s logic into my handler but > let's say want to leave them as simple CGI scripts.) > > I tried to use the Apache::PerlRun in the subdir like this: > PerlModule Apache::PerlRun > <Directory /usr/local/apache1/protected/admin> > SetHandler perl-script > PerlHandler Apache::PerlRun > PerlSendHeader On > Options ExecCGI > </Directory> > > I tried also: > <Directory /usr/local/apache1/ssl/protected/admin> > SetHandler cgi-script > Options +ExecCGI > </Directory> > > The problem is it allows anybody to execute the cgi's since it's not going > through my handler anymore (a "warn ..." statement inserted in my handler > shows it's not executed when requesting /protected/admin/* files.) > > More generally: "how can I dynamically change a directory's handler during > the same phase" > > I was thinking about using dynamic stacked handlers, something > like: if the > user is allowed in the admin section, my handler should push the > cgi-script > handler in the line of execution. However, the documentation says about > stacking more custom created handlers and not those coming with Apache so > I'm not sure how to do it. > > Thanks for your time, > > Lian Sebe, M.Sc. > Freelance Analyst-Programmer > www.programEz.net >