Hi,
I have a minor problem with Apache and mod_perl regarding the logging of
response status codes to the access_log.
I have a program where I want to do the authentication manually. The
program has to have a user database anyway, so I would like to
authenticate against that.
Below is a small test program, which manages to send back a 401 response
to get the browser to prompt for a password, and to extract the username
and password on the following request. The program works as expected,
except that the entries in the access_log give a status code of 200 for
both requests, even though the first returns a 401. I have tested with
lynx -trace and manually, and the servers does reply with a 401, only it
logs a 200.
localhost - - [05/Feb/2000:14:48:10 +0100] "GET /auth.cgi HTTP/1.0" 200
-
localhost - - [05/Feb/2000:14:48:58 +0100] "GET /auth.cgi HTTP/1.0" 200
82
Also the username doesn't show up in the log, but that is probably
because I bypass the server based authentication completely.
Do I have to make a specialised PerlAuthenHandler to get this right?
Never tried that before. I would probably have to reinstall Apache and
mod_perl for that.
Anyway, I would be happy if somebody could thred a bit of light on this.
I use Apache 1.3.9, modperl 1.21, CGI.pm 2.46
--
René Seindal ([EMAIL PROTECTED]) http://www.seindal.dk/rene/
----------------------------------------------------------------
#!/usr/bin/perl -w
use CGI;
use Apache;
use MIME::Base64;
&main(new CGI());
exit(0);
sub main {
my ($q) = @_;
my $r = Apache->request;
my $auth = $r->header_in('Authorization');
if ($auth) {
print $q->header('text/plain', '200 OK');
print("ACCESS OK\n");
print("Debug output\n");
print("Authorization: $auth\n");
my ($user, $pw) = split(/:/, decode_base64(substr($auth, 6)));
print("User $user, Password $pw\n");
} else {
local $| = 1;
print $q->header(-type=>'text/plain',
-nph=>1,
-status=>'401 Unauthorized',
-WWW_Authenticate=>'Basic realm="hej"');
print("You need a password\n");
}
}
---------------------------------------------------
