On Feb 20, 2019, at 11:28 AM, Michael Schout <msch...@gkg.net> wrote:
> As for AuthCookieDBI, you may not even need to change it to use
> Apache2_4::AuthCookie base, as eventually I managed to get all of the
> changes needed to work togehter in Apache2::AuthCookie. I left
> Apache2_4::AuthCookie for historical reasons, and in case further issues
> came up that would require more changes that were 2.4 exclusive.
Impressive! And good to know.
> If you aren't doing anything fancy with `require` directives, you likely
> don't need to worry about creating an Authz provider, which is where
> most of the issues are when moving to 2.4. Looking at AuthCookieDBI, it
> does implement support for `require group`, so if you need that, you
> will need to create an Authz provider that implements it. But if not,
> you can probably not worry about it.
Well, I definitely have to worry about it, unfortunately. We use group-based
authorization ('require group foo') extensively.
Looking at your
https://metacpan.org/pod/distribution/Apache-AuthCookie/README.apache-2.4.pod
document, we need a
PerlAddAuthzProvider group My::AuthCookieHandler->authz_group
Any pointers to a working AuthzProvider written in Perl (like for the "species"
one) in your examples? It's not perfectly clear to me how to go about that.
Many thanks,
Ed
