Hi,
I am using CGI::Application under mod_perl 1.29/with mod_ssl on a Solaris
10 machine.
Since our move from a internal office machine that was not using SSL to an
outside machine that is, I have not been able to get the Basic user's name.
I think I have tried just about everything, including the correct way. That
should be, if the ENV doesn't work, then I should be able to use
Apache::Request to get the info, I had to do that with the IP address a
long while back for example.
But this doesn't work:
my $r = Apache->request(); #
my $c = $r->connection;
my $user = $c->user();
warn "REMOTE USER IS,$user";
And I get nothing for the $user.
So I tried this:
my $r = Apache->request(); #
my $headers = $r->headers_in();
warn Dumper \%ENV;
warn Dumper $headers;
my $c = $r->connection;
my $user = $c->user();
warn "REMOTE USER IS,$user";
Output...
%ENV dump
'SSL_SESSION_ID' =>
'48E61FD73981E09104082EFFB995DCB4B5941ACD63B4DE189280B2A1A609029C6',
'SCRIPT_NAME' => '/perl/multi_cs.cgi',
'SSL_PROTOCOL' => 'SSLv3',
'REQUEST_METHOD' => 'GET',
'HTTP_ACCEPT' =>
'text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5',
'SCRIPT_FILENAME' => '/usr/local/apachessl/perl/multi_cs.cgi',
'SSL_VERSION_LIBRARY' => 'OpenSSL/0.9.7d',
'SSL_VERSION_INTERFACE' => 'mod_ssl/2.8.19',
'SSL_CLIENT_VERIFY' => 'NONE',
'SSL_SERVER_S_DN_ST' => 'British Columbia',
'SERVER_SOFTWARE' => 'Apache/1.3.31 (Unix) mod_perl/1.29
mod_ssl/2.8.19 OpenSSL/0.9.7d',
'SSL_SERVER_I_DN_OU' => 'Equifax Secure Certificate Authority',
'QUERY_STRING' =>
'datecontrol1=&datecontrol2=&rm=order_display&ord_num=&old_ord_num=&cu_phone_raw=&postal=&cu_lastname=&cu_firstname=&cu_address1=&cu_city=&cu_st_prov=n%2Fa&cu_countrycode=--&cu_email=&quantity_ordered=&product_name=0&username=&Submit=Go+Search&month=0&day=0&year=0&endmonth=0&endday=0&endyear=0&orderby=orders.ord_date',
'REMOTE_PORT' => '4398',
'HTTP_USER_AGENT' => 'Mozilla/5.0 (Windows; U; Windows NT 5.0;
en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0',
'SSL_SERVER_S_DN_CN' => 'dmcontact.com',
'SERVER_SIGNATURE' => '<ADDRESS>Apache/1.3.31 Server at
dmcontact.com Port 443</ADDRESS>
',
'SSL_SERVER_S_DN_L' => 'Victoria',
'HTTP_CACHE_CONTROL' => 'max-age=0',
'HTTP_ACCEPT_LANGUAGE' => 'en-us,en;q=0.5',
'HTTP_KEEP_ALIVE' => '300',
'SSL_SERVER_A_SIG' => 'sha1WithRSAEncryption',
'PATH' =>
'/usr/sbin:/usr/bin:/usr/ccs/bin:/usr/openwin/bin:/usr/dt/bin:/usr/platform/i86pc/sbin:/opt/sun/bin:/usr/local/mysql/bin:/usr/sfw/bin:/opt/SUNWvts/bin:/opt/SUNWexplo/bin',
'GATEWAY_INTERFACE' => 'CGI-Perl/1.1',
'SSL_CIPHER_USEKEYSIZE' => '256',
'HTTPS' => 'on',
'SSL_CIPHER_ALGKEYSIZE' => '256',
'DOCUMENT_ROOT' => '/usr/local/apachessl/htdocs',
'SSL_SERVER_M_SERIAL' => '051E24',
'SSL_CIPHER_EXPORT' => 'false',
'SSL_SERVER_S_DN_O' => 'DM Contact Management Ltd.',
'SSL_SERVER_S_DN' => '/C=CA/ST=British Columbia/L=Victoria/O=DM
Contact Management Ltd./CN=dmcontact.com',
'SERVER_NAME' => 'dmcontact.com',
'SSL_SERVER_I_DN_O' => 'Equifax',
'HTTP_REFERER' =>
'https://dmcontact.com/perl/multi_cs.cgi?rm=order_search',
'HTTP_ACCEPT_ENCODING' => 'gzip,deflate',
'PERL_SEND_HEADER' => 'On',
'SERVER_ADMIN' => '[EMAIL PROTECTED]',
'HTTP_CONNECTION' => 'keep-alive',
'SSL_SERVER_V_END' => 'Oct 14 18:07:34 2005 GMT',
'SSL_SERVER_I_DN_C' => 'US',
'HTTP_ACCEPT_CHARSET' => 'ISO-8859-1,utf-8;q=0.7,*;q=0.7',
'TZ' => 'US/Pacific',
'SSL_SERVER_V_START' => 'Oct 13 18:07:34 2004 GMT',
'SERVER_PORT' => '443',
'SSL_SERVER_S_DN_C' => 'CA',
'SSL_SERVER_A_KEY' => 'rsaEncryption',
'REMOTE_ADDR' => '24.179.181.36',
'SSL_CIPHER' => 'DHE-RSA-AES256-SHA',
'SERVER_PROTOCOL' => 'HTTP/1.1',
'REQUEST_URI' =>
'/perl/multi_cs.cgi?datecontrol1=&datecontrol2=&rm=order_display&ord_num=&old_ord_num=&cu_phone_raw=&postal=&cu_lastname=&cu_firstname=&cu_address1=&cu_city=&cu_st_prov=n%2Fa&cu_countrycode=--&cu_email=&quantity_ordered=&product_name=0&username=&Submit=Go+Search&month=0&day=0&year=0&endmonth=0&endday=0&endyear=0&orderby=orders.ord_date',
'SSL_SERVER_M_VERSION' => '3',
'SSL_SERVER_I_DN' => '/C=US/O=Equifax/OU=Equifax Secure
Certificate Authority',
'SERVER_ADDR' => '24.90.29.168',
'HTTP_HOST' => 'dmcontact.com',
'MOD_PERL' => 'mod_perl/1.29'
};
$r->headers_in() Dump
$VAR1 = bless( {
'Accept' =>
'text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5',
'Accept-Charset' => 'ISO-8859-1,utf-8;q=0.7,*;q=0.7',
'Accept-Encoding' => 'gzip,deflate',
'Accept-Language' => 'en-us,en;q=0.5',
'Authorization' => 'Basic (crypted password here)',
'Cache-Control' => 'max-age=0',
'Connection' => 'keep-alive',
'Host' => 'dmcontact.com',
'Keep-Alive' => '300',
'Referer' =>
'https://dmcontact.com/perl/multi_cs.cgi?rm=order_search',
'User-Agent' => 'Mozilla/5.0 (Windows; U; Windows NT
5.0; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0'
But where is the user? I can get the password from Authorization, the
username is getting recorded in the Access log, so I know it does exist and
Apache knows about it.
I am lost, this is pretty important for this app too :(
Thanks,
Eric
