David Castro wrote:
> Okay, a little more tracking down revealed that handler #5 ("check if
> the user is ok _here_") is never getting called when my module is being
> used, but is for Basic auth. Happen to know under which circumstances
> this occurs/doesn't occur? Maybe there is something else I can set to
> get that mechanism called in the first place. This appears to be the
> main problem I have right now, preventing me from moving forward.
I don't see anything funny in the code to short-circuit the request cycle,
so I would assume that things progress as they ordinarily would, which is
like this:
o apache checks for a "Requires" directive, signaling that the authen and
authz phases should be run.
o the authentication phase runs:
- apache calls mod_perl, which dispatches to your PerlAuthenHandler.
- your PerlAuthenHandler returns OK and ends the authen phase. or your
handler returns 403 (or some other error) and immediately goes to the
logging phase.
o the authorization phase runs
- apache calls mod_perl, which dispatches to your PerlAuthzHandler (if
any). if that handler returns OK then thus ends the authz phase, and
mod_authz_ldap will _not_run. if there are no PerlAuthzHandlers registered
then apache will dispatch to mod_authz_ldap.
basically, these parts are somewhat separated from eachother - apache will
call whatever handlers are registered (your #5 above) and those handlers
will run unless the handlers themselves take special steps to avoid being
run (and return DECLINED so other authentication can occur). I don't see
any signs of that, so I don't know what to say. that is, other than check
out the mod_auth_ldap that ships with httpd-2.0 and see if it is any better
behaved than this module.
HTH
--Geoff
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
