Hi, Thanks for your answer, but for me this is confusing.
I have Apache2_4::AuthCookie is up to date. (3.30) Apache2::AuthCookie is up to date. (3.30) Server version: Apache/2.4.6 (CentOS) Server built: Apr 2 2020 13:13:23 at the end of /etc/httpd/conf.d/ssl.conf there is include /systems/achilles/config/mine_auth_cookie_mod_perl_server_apache2.conf my @inc has /systems/achilles/lib and I have /systems/achilles/lib/Apache2/AuthCookieHandler.pm and /systems/achilles/lib/Apache2_4/AuthCookieHandler.pm in both AuthCookieHandler.pm I've renamed the package line to eg package Apache2_4::AuthCookieHandler; In the directory I want to protect should I have AuthType Apache2::AuthCookieHandler AuthName WhatEver PerlAuthenHandler Apache2::AuthCookieHandler->authenticate Require valid-user or AuthType Apache2_4::AuthCookieHandler AuthName WhatEver PerlAuthenHandler Apache2_4::AuthCookieHandler->authenticate Require valid-user And then what subs/methods I need to add into which AuthCookieHandler.pm ? in startup.pl should I have both or just one? use Apache2::AuthCookie ; use Apache2_4::AuthCookie ; I am not porting from 2.2. I have used Shibboleth until now to protect directories but this project I can not use Shibboleth. Terveisin/Regards Scott Alexander scott.alexan...@humak.fi<mailto:scott.alexan...@humak.fi> ________________________________ From: Edward J. Sabol <edwardjsa...@gmail.com> Sent: 12 May 2020 00:58 To: Scott Alexander <scott.alexan...@humak.fi> Cc: mod_perl list <modperl@perl.apache.org> Subject: Re: Apache2:AuthCookie With httpd 2.4 On May 11, 2020, at 8:58 AM, Scott Alexander <scott.alexan...@humak.fi> wrote: > I've included using > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmanpages.debian.org%2Funstable%2Flibapache2-authcookie-perl%2FApache2_4%3A%3AAuthCookie.3pm.en.html&data=02%7C01%7C%7Cfdafa4a140a44a1c47ed08d7f5f66767%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C637248310956933568&sdata=XwSR%2FO7jCwZrZLuYRSWWhp%2Fwz7tCtWkCzjs0fTRTIDk%3D&reserved=0 > as an example > > # In httpd.conf or .htaccess: > PerlModule Sample::Apache2::AuthCookieHandler > PerlSetVar WhatEverPath / ..... > > to my ssl.conf file > > No changes made to httpd.conf or ssl.conf. Those two statements seem to be conflicting? I keep my authentication/authorization information in httpd.conf, personally. > When trying to access the page I get the errors above. That sample configuration from the POD assumes that you are subclassing Apache2::AuthCookie and that the name of your subclass is Sample::Apache2::AuthCookieHandler. It's meant to be illustrative. I'm guessing you don't actually have such a subclass. Try just removing the "Sample::" part. You can probably also find working examples in the tests in the "t" subdirectory. > I've read this > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmetacpan.org%2Fpod%2Fdistribution%2FApache-AuthCookie%2FREADME.apache-2.4.pod&data=02%7C01%7C%7Cfdafa4a140a44a1c47ed08d7f5f66767%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C637248310956933568&sdata=SyqV%2FQzJyud4W6ENIgEY9nk%2F9uBzBGf7p6gmShAqivc%3D&reserved=0 > which unfortunately doesn't make sense to me. That POD is meant for people developing (or porting from Apache 2.2.x) their own Perl modules for doing authentication and authorization under Apache 2.4.x. AuthCookie already handles all of this for you, assuming you only need or use AuthCookie. It might apply if you are subclassing from AuthCookie and you get into the gritty details, such as implementing your own AuthzProvider. Check out Apache2_4::AuthCookieDBI for an example of that. https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmetacpan.org%2Fpod%2FApache2_4%3A%3AAuthCookieDBI&data=02%7C01%7C%7Cfdafa4a140a44a1c47ed08d7f5f66767%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C637248310956933568&sdata=ew5g7VpZFmfs%2FHN9NAdA9YqHtLY11o36UBl9ljp0zN0%3D&reserved=0 Regards, Ed
