Access handler always comes *before* authentication/authorization. Maybe add the legal agreement as part of the authorization handler or as a Fixup handler?
See http://perl.apache.org/docs/2.0/user/handlers/http.html#HTTP_Request_Cycle_Phases Issac David Eisner wrote: > We have a section of our website that is protected by Basic > username/password authentication. I've been asked to setup a system > where, once successfully authenticated, users are taken to a legal > agreement page which they are asked to accept before they can continue > to the page they requested. > > I'm using mod_perl 2.0.3 to implement this. The basic system now > works. I have a PerlAccessHandler installed for the protected portion > of the site, which checks for the presence of an "ACCEPT_LA" cookie. > If the cookie is not set, the user is redirected to a form with the > agreement and "I Agree" / "I Do Not Agree" buttons. If they agree, > the ACCEPT_LA cookie is set and they are redirected to the page they > originally requested. > > The only problem right now is that when visiting a URL in the > protected part of the site, the user *first* gets taken to the legal > agreement, and if they accept it, they are *then* asked to login. The > desired behavior is that the user first gets the Basic AuthType > username/password dialog, and if they successfully login, then they > get taken to the agreement page. > > How can I change the ordering of the handlers to achieve this? I > checked the documentation and it seems incomplete, indicating that > Hook Ordering is "not working." [1] Is that the end of the story? > > Thanks. > > -David > > [1] > http://perl.apache.org/docs/2.0/user/handlers/intro.html#Hook_Ordering__Position_ > >
