Mark, Thanks so much for your help. That was not the problem but it helped me see the problem. I was not importing the Constants at the top so regardless of whether I was returning FORBIDDEN or DECLINED, or HTTP_UNAUTHORIZED the value was invalid. I spent hours tracking down this oversight.
Thanks again, Odysseas -----Original Message----- From: Mark Hedges [mailto:hed...@scriptdolphin.org] Sent: Thursday, January 08, 2009 2:24 PM To: Odysseas Pentakalos, Ph.D. Cc: modperl@perl.apache.org Subject: Re: Authorization module is not working On Wed, 7 Jan 2009, Odysseas Pentakalos, Ph.D. wrote: > > sub handler { > my($r) = @_; > > my $log = $r->log; > > return FORBIDDEN unless $r->is_main; > > my $subr = $r->lookup_uri($r->uri); > my $dn = $subr->subprocess_env('SSL_CLIENT_S_DN'); > > $r->log_reason("In CertAuthz a certificate must be provided with a > DN of $dn.", $r->filename); > return FORBIDDEN; > } Try using $r->note_basic_auth_failure() and return Apache2::Const::HTTP_UNAUTHORIZED ? http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthzHandler Mark
