Re: getting URL of refused page, after OnDeny
Can you set up a custom error document handler and redirect to that, rather than using your OnDeny? Return something like 409 (Conflict), and Apache will do an internal redirect, from which you can get the requesting URI in the same way that you can in other redirects. Actually, how is the require handled? What does your auth handler return if the user is not subscribed? Can/does your handler do an internal redirect? I do (in my C handler): ap_table_set (r-headers_out, Location, sec-auth_LNonDeny); return REDIRECT; your suggestion sounds good, off to hit my books to see how to do that - sounds like a good solution (never done an internal redirect - I think -)) thanks for the pointer, Bob Waldstein [EMAIL PROTECTED]
getting URL of refused page, after OnDeny
my setup: I have files in a directory, that a user can only get if subscribed. My apache is hacked with both C and mod_perl enhancements to authentication/authorization. My .htaccess looks as follows: AuthName library services AuthType Basic limit GET require subscribe idc OnDeny http://myserver/refusals/idc.html /limit the problem: when a unsubscribed user tries to go to: http://myserver/protected-dir/document.pdf and gets bounced to the refusal/subscription page (idc.html) I would like to know the refused page (/protected-dir/document.pdf) so I can send them back there when they subscribe. I don't see any way to carry this infomation? Am thinking about hacking more so I can have an OnDeny line like OnDeny http://myserver/refusals/idc.html?refused=$URI but feel like I am probably missing something! THanks for any pointers, Bob Waldstein [EMAIL PROTECTED]
2 servers based on .htaccess authentication
We are finally planning to "do the right thing" and have a light weight and heavy weight server. Our problem is that our (immediate) users set up the protections for each directory with .htaccess files - and they use PerlAuthzHandler and PerlAuthenHandlers - so to decide if a file can be delivered requires modperl. So the solution I have come up with is to proxyPass any request requiring authentication to the modperl server. Any existing solution is welcome! The approach I am trying though is: - write an authentication module (in C) to add to the light weight server. All it does is bunce the request to the heavy server. This is figuring if apache invokes this module authentication is being attemtped. Problem: something is still seeing and complaining about the PerlAuthenHandler stuff. I have pulled (I believe) all the other authentation and authorization modules - why and which apache aspect might be doing this??? A concern: in my module I do a REDIRECT to the heavy weight. Doesn't this go back to the browser? How do I do a proxyPass in C like the rewrite setup does so well?? THanks, Bob Waldstein [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
redirecting from within a XSSI #perl routine?
I have an XSSI !--#perl ... -- routine that does stuff based on user info in a cookie. My problem: if the cookie isn't set I want to bounce the user to a script like cgi-bin/assign_cookie?backto=myXSSIpage Setting the Location header doesn't seem to stick? Am I too late - have the headers been already formatted (and sent?). Anyway to do this? THat is, to have an XSSI set the Location header? thanks much, Bob Waldstein ([EMAIL PROTECTED])
