On Feb 21, 2019, at 5:22 AM, Vegard Vesterheim
wrote:
> I registered a ticket against Apache2-AuthCookieDBI regarding this issue
> a long time ago:
>
> https://rt.cpan.org/Public/Bug/Display.html?id=106663
>
> We do not use this any longer. But, given that the ticket is still open,
> I wonder
On 2/21/2019 9:46 AM, Michael Schout wrote:
Another common thing I've seen people do is return an invalid
Apache2::Const value from an Authz provider. You must return one of a
Yup, been there done that :).
I pieced this together, if my memory is correct, from apache mailing
list posts, as
On 2/21/19 3:41 AM, André Warnier (tomcat) wrote:
> 1) the "authz" function is now called *first* (before any authentication
> module has been called - even non-perl add-on ones),
> and
> 2) it *can* be called 2 or more times during the same request cycle
> and
Yes, and this allows you to do