Re: Perl Authorization handler called before authentication handler

Fri, 12 Sep 2014 10:23:41 -0700 

On Fri, Sep 12, 2014 at 12:14:35PM -0400, Lathan Bidwell wrote:
> I have looked all around apache's documentation on how to upgrade from 2.2
> to 2.4, but they don't include much about using PerlAddAuthzProvider or
> PerlAuthenHandler.
> 
> I have this config section:
> 
> PerlAddAuthzProvider membersuser Application::User::Members->authorize24
> 
> <DirectoryMatch ^.*/members/>
>         DirectoryIndex disabled
>         PerlAuthenHandler       Application::User::Members->authenticate24
>         #PerlAuthenHandler      Application::User::Members::authenticate24
> 
>         AuthType        Application::User::Members
>         AuthName        "Members"
> 
>         Require membersuser testing123
> </DirectoryMatch>
> 
> 
> But for some reason, my authorize24 subroutine is being called before my
> authenticate24 subroutine.
> 
> I have simplified those 2 subroutines down to printing debugging info to
> the error log, (the authen sub sets $r->user('testing')), but I cannot
> figure out why the handlers are called in the wrong order.

Summary: Hazarding a complete guess :  Wrong syntax?  

AuthType
"This directive selects the type of user authentication for a directory. The
authentication types available are None, Basic (implemented by mod_auth_basic),
Digest (implemented by mod_auth_digest), and Form (implemented by
mod_auth_form)." [1]

Not totally familiar with this (just learning it myself) but that gives me 
AuthType Basic|Digest|Form|None

Application::Users::Members isn't mentioned in the apache documentation ;->

[2] gives better clues thusly:

"Here is the whole configuration section that requires users to authenticate
before they are allowed to run the registry scripts from /perl/:

  <Location /perl/>
    SetHandler perl-script
    PerlResponseHandler ModPerl::Registry
    PerlAuthenHandler MyApache2::SecretLengthAuth
    Options +ExecCGI
                            
    AuthType Basic
    AuthName "The Gate"
    Require valid-user
  </Location>
"
I'm sure you can extrapolate the information in that article and particularly
that config snippet given above to your particular situation.

Please note that article's use of the Require Directive more on which can be
found in [3]

Good luck and kind regards

L.
[1] http://httpd.apache.org/docs/current/mod/mod_authn_core.html
[2] http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthzHandler
[3] http://httpd.apache.org/docs/current/mod/mod_authz_core.html

Reply via email to