-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 | I have uploaded my MyAuthenHandler.pm and the modules it relies on for | configuration perhaps if you have time you could peruse the code and let me | know if I am doing anything wrong for this type of operation. | | Thanks again for your help on this. | | http://www.nabble.com/file/p17356582/MyAuthenHandler.pm MyAuthenHandler.pm | http://www.nabble.com/file/p17356582/MyModPerlUtility.pm MyModPerlUtility.pm | http://www.nabble.com/file/p17356582/MyModPerlDBUtility.pm | MyModPerlDBUtility.pm In my experience and a few others on the list if you search the archives, its almost never worth it to override <Location /> with something unless you don't have any 'assets' being served from this server which is an advisable idea.
Anyway, I think what you are after might be a fully baked AAA (3 httpd phases) More examples are on perl.apache.org Everything below is a snippet of a live site. vhosts-ssl/site.conf: - --------------------- <Location /timeline/login> ~ SetHandler modperl ~ AuthType Basic ~ AuthName "ISST" ~ Require valid-user ~ PerlAccessHandler ISST::Access ~ PerlAuthenHandler ISST::Authen ~ PerlResponseHandler ISST::Login </Location> vhosts/site.conf: - ----------------- RewriteEngine On RewriteRule ^/timeline/login https://%{SERVER_NAME}/timeline/login [L,R] PerlMapToStorageHandler ISST::MapToStorage ### AAA <Location /timeline> ~ AuthType Basic ~ AuthName "ISST" ~ Require valid-user ~ PerlAccessHandler ISST::Access ~ PerlAuthenHandler ISST::Authen ~ PerlAuthzHandler ISST::Authz </Location> <Location /timeline/login> ~ SetHandler modperl ~ PerlResponseHandler ISST::Login </Location> ISST/Access.pm: - --------------- package ISST::Access; use Apache2::RequestRec (); use Apache2::Const -compile => qw(DECLINED REDIRECT OK); use Apache2::Cookie (); sub handler { ~ my $r = shift; ~ return Apache2::Const::DECLINED if $r->uri =~ m#/timeline/(privacy|register)#; ~ .... ~ return Apache2::Const::OK; } ISST/Authen.pm: - --------------- package ISST::Authen; use Apache2::RequestRec (); use Apache2::Const -compile => qw(OK REDIRECT); use Apache2::Cookie (); sub handler { ~ my $r = shift; ~ ## can't used DECLINED or you get the REALM popup ~ return Apache2::Const::OK if $r->uri =~ m#/timeline/(login|logout|register|privacy)#; ~ if (ISST::User->getLoggedIn($r)) { ~ return Apache2::Const::OK; ~ } ~ else { ~ $r->note_basic_auth_failure; ~ $r->headers_out->set(Location => ISST::Const::URL_LOGIN); ~ return Apache2::Const::REDIRECT; ~ } } ISST/Authz.pm: - -------------- package ISST::Authz; use Apache2::RequestRec (); use Apache2::Const -compile => qw(DECLINED OK HTTP_UNAUTHORIZED); sub handler { ~ my $r = shift; ~ return Apache2::Const::DECLINED unless $r->uri =~ m#/timeline/(foo)#; ~ my $resource = $1; ~ my $user = ISST::User->getLoggedIn($r); ~ if ($user->isAllowed($resource)) { ~ return Apache2::Const::OK; ~ } ~ else { ~ return Apache2::Const::HTTP_UNAUTHORIZED; ~ } } ISST/MapToStorage.pm: - --------------------- package ISST::MapToStorage; use Apache2::RequestRec (); use Apache2::Const -compile => qw(DECLINED OK); sub handler { ~ my $r = shift; ~ return Apache2::Const::OK if $r->uri =~ m|/timeline|; ~ return Apache2::Const::DECLINED; } - -- - ------------------------------------------------------------------------ Philip M. Gollucci ([EMAIL PROTECTED]) o:703.549.2050x206 Senior System Admin - Riderway, Inc. http://riderway.com / http://ridecharge.com 1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C Work like you don't need the money, love like you'll never get hurt, and dance like nobody's watching. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.8 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFINDEIdbiP+9ubjBwRAq31AJ9y7tGTBEvCdNWP11mWthol5RRTVQCdEvym w8yXkT7TpPCm81kKfDBrv1Q= =6jT8 -----END PGP SIGNATURE-----
