I'm using a PerlResponseHandler to control access to selected
directories of a site, and I've encountered a similar problem to that
described in
http://marc.theaimsgroup.com/?l=apache-modperl&m=106141216914801&w=2
where returning a 'declined' status is skipping other handlers and
going straight to Apache's default handler.
My code is:
package MyApache::Permissions;
use strict;
use warnings;
use Apache::RequestRec ();
use Apache::Const -compile => qw(OK DECLINED);
my %protected_dirs = (
'foo' => 1,
'bar/baz' => 1,
);
sub handler {
my $r = shift;
my $requested_dir = $r->filename;
$requested_dir =~ s|^/home/www/html/my_site/(.*)/[^\/]*$|$1|;
return Apache::DECLINED unless exists $protected_dirs{$requested_dir};
$r->content_type('text/plain');
print "mod_perl has taken over the $requested_dir directory...\n";
return Apache::OK;
}
1;
and this is active over the whole site, using these directives in
httpd.conf:
<Location />
SetHandler perl-script
PerlResponseHandler MyApache::Permissions
</Location>
Blocking the named directories works fine, but for the unblocked
directories (the ones for which I return Apache::DECLINED) the
existing (non-Perl) response handlers aren't taking effect, so my
ColdFusion scripts are being sent through unparsed, and directory
indexes no longer work (/something/index.html works, /something/
returns a 404).
I suspect the problem is on the Apache side; the SetHandler is
overriding all other handlers. Is there any way around this?
I'm using Apache/2.0.47 and mod_perl/1.99_10, on Linux.
- Matthew
