Hello,
I'm having trouble with PerlAuthenHandler.
The symptom is that in a browser (Firefox at least), I'm prompted for
a password the first time I visit a page. If I enter it incorrectly,
I'm not prompted again, but instead just see the error page.
The cause seems to be that when mod_perl gets an "Authorization"
header in the request, it doesn't supply a "WWW-Authenticate" header
in the response.
Even in a very simple PerlAuthenHandler I see this behavior. I've
attached an example that shows the problem with this configuration:
PerlModule Authen::AlwaysFails
<Directory "/home/sgifford/public_html/authtest">
PerlAuthenHandler Authen::AlwaysFails
AuthType Basic
AuthName "GOOD LUCK"
Require valid-user
</Directory>
I'm running on Debian 3.1 (Sarge), using the distribution copies of
Apache 1.3.33, mod_perl 1.27, and perl 5.8.4.
Any ideas?
Thanks!
----Scott.
package Authen::AlwaysFails;
use strict;
use warnings;
use Apache::Constants qw(HTTP_UNAUTHORIZED OK);
use Apache;
sub handler
{
my ( $class, $r ) = @_;
$r ||= Apache->request;
warn "Class='$class'; r='$r'\n";
my( $rc, $password ) = $r->get_basic_auth_pw;
unless ( $rc == OK ) {
warn "Returning $rc\n";
return $rc;
}
return HTTP_UNAUTHORIZED;
}
1;
