Getting multiple header entries from AuthCookie returned to the
client. This happens even if I stub out the authen_cred and
authen_ses_key to return foo. Other thing I notice after
adding logging to the authentication and authorization sub's
is that the $r-connection-user set by authentication isn't
available in $r-connection-user in authorization. As a
result of the undef $r-connection-user in authorization
it's sending back a FORBIDDEN which [I think?] causes the
problems.
The examples I've seen of login_form code use a simple print to
get things on the screen (e.g., Apache::AuthTicket).
I've tried this and various combinations of sending the headers
and form with no luck.
Ideally Apache::AuthCookie should only require the login_form,
authen_cred and authen_ses_key sub's to function with the
addition of login_screen to use a location rather rather than
#!-ed code for the login form.
Does anyone know of a simple, working example of deriving a
class from Apache::AuthTicket or some specific documentation
for a complete class? The code that comes with it is only
useful for testing
Below are the relavant error_log items (showing the user
available in authenticate and undef in authorize).
thanx.
sl
# Authorization cookie handler.
PerlModule Cdr::AuthCookie;
PerlSetVar CDRPath /foo
PerlSetVar CDRLoginScript /cdrloginform
PerlSetVar CDRLoginHandler /cdrlogin
#PerlSetVar CDRExpires +8h
PerlSetVar AuthCookieDebug 9
# this shows the login form.
Location /cdrloginform
SetHandler perl-script
PerlHandler Cdr::AuthCookie-login_form
/Location
# handle posted data from the login form.
location /cdrlogin
SetHandler perl-script
AuthTypeCdr::AuthCookie
AuthNameCDR
PerlHandler Cdr::AuthCookie-login
/Location
Location /foo
SetHandler perl-script
AuthTypeCdr::AuthCookie
AuthNameCDR
PerlAuthenHandler Cdr::AuthCookie-authenticate
PerlAuthzHandlerCdr::AuthCookie-authorize
PerlHandler Cdr::Hello
require valid-user
/Location
Location /foo/bar
SetHandler perl-script
AuthTypeCdr::AuthCookie
AuthNameCDR
PerlAuthenHandler Cdr::AuthCookie-authenticate
PerlAuthzHandlerCdr::AuthCookie-authorize
PerlHandler Cdr::Hello
require valid-user
/Location
###
# Cdr::AuthCookie.pm
###
package Cdr::AuthCookie;
use strict;
use base qw( Apache::AuthCookie );
local $\ = \n;
local $, = \n;
# CPAN modules
use Carp;
use Apache::Constants qw(:common M_GET M_POST FORBIDDEN REDIRECT);
use Apache::Log;
use Digest::MD5 qw( md5_hex );
# used for sharing and generating the shared secret
# used in the authrization process.
use IPC::SysV;
use IPC::Shareable;
use Digest::MD5 qw( md5_hex );
use Data::Dumper;
$Data::Dumper::Purity = 1;
$Data::Dumper::Terse= 1;
$Data::Dumper::Indent = 1;
$Data::Dumper::Deepcopy = 0;
$Data::Dumper::Quotekeys= 0;
# homegrown modules
use Cdr::Reportz;
use Cdr::Shared qw( logrequest sendreply );
# package variables
# initialize the untied variable to false, use $key to check the status.
our $secret = '';
our $key = '';
# amount of time before a cookie times out.
# currently set to 8 hours (28 800 sec).
#
# 10 sec for testing only, probably useful in production.
my $timeout = 30; #28800;
# login screen returns this to the caller.
my $loginform = 'END';
html
head
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 3.2 Final//EN
base href=$ENV{BASEURL}
/head
body
form method=get action=/cdrlogin
!-- Login form for an Cdr::AuthCookie --
input type=hidden name=destination value=DEST
table
tr
th align=center colspan=2 Please Enter Your Username and Password to
log in:
tr
th align=right Username:
td align=left input type=text name=credential_0 size=12
maxlenth=12
tr
th align=right Password:
td align=left input type=password name=credential_1 size=12
maxlenth=12
tr
