Re: setHandler question

Sun, 16 Dec 2012 13:59:41 -0800 

Andre,

Ryan Gies wrote:
> On 12/14/2012 8:52 AM, André Warnier wrote:
>> I suppose that in the end I will want to do something like this :
>>
>> my $finfo = $r->finfo();
>> # do something to $finfo to set the flag
>> $r->finfo($finfo);
>> $r->handler('modperl');
>> $r->set_handlers(PerlResponseHandler => \&_my_response_handler);
>>
>> but how do I "do something to $finfo" ?
>>
>> Or am I totally off-track here ?
>>
>> TIA
> For what it's worth, I have consistent success in using $r->finfo to
> tell Apache the final destination. In the case that $you_want_to_hook
> (below) is false, Apache will also serve the intended file. The timing
> used is:
>
> PerlMapToStorageHandler
>
>   $r->filename($path); # where $path is an absolute file-system path
>   $r->finfo(APR::Finfo::stat($path, APR::Const::FINFO_NORM, $r->pool));
>   return Apache2::Const::OK;
>
> PerlFixupHandler
>
>   if ($you_want_to_hook) {
>     $r->push_handlers(PerlResponseHandler => \&_response_handler);
>     $r->handler('modperl');
>     return Apache2::Const::OK;
>   }
>

Let me explain better what I am looking for :

<LocationMatch "/IIS_app/(.*)$">
   PerlAuthenHandler SLC->authenticate
   PerlAuthzHandler SLC->authorize
   PerlSetVar SLC_login_page "/public/login.html"
   ...
   ProxyPassMatch http://localhost:8800/$1
</LocationMatch>

In other words,
- Apache+mod_perl is acting as a reverse proxy for an application running under 
IIS on the
same server
- but this IIS application requires a special HTTP header to authenticate the 
user
- In the Location above, the PerlAuthenHandler checks if the user is 
authenticated.
     - If yes, it adds the required HTTP header to the request, and then a few 
steps later
the proxying happens to IIS, and that's fine.
     - If not, it sends back a login page.

What I want to do refers to the "sends back a login page".
In case the user is not authenticated, I do /not/ want Apache to proxy the call 
to IIS.
I want to reset the response handler so that it is no longer mod_proxy, but 
mod_perl, and
my own PerlResponseHandler (which sends back the login page 
"/public/login.html", after
munching on it).
But what happens is that the proxying runs anyway, and the request ends up in 
IIS, but
without the authentication header.
That's what I want to avoid.

What you want works for me when reverse proxying to Tomcat or another Apache by 
adding a
require valid-user inside the LocationMatch

Regards,
Rafael Caceres

Reply via email to