[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-modperl
Subject:    Re: wrote Authen module dealing with cookies : now POST requests
From:       Adam Prime <adam.prime () utoronto ! ca>
Date:       2008-06-21 15:39:05
Message-ID: 485D2099.8090601 () utoronto ! ca
[Download RAW message or body]

Dami Laurent (PJ) wrote:
> Hi everybody,
> 
> I recently wrote  an extension to Apache2::AuthenNTLM in order to store 
> the NTLM authentified username in a cookie (module 
> _http://search.cpan.org/dist/Apache2-AuthenNTLM-Cookie/_).
> 
> Now I found out that this module has a critical bug : the content of 
> POST requests gets corrupted (bug 
> _http://rt.cpan.org/Ticket/Display.html?id=36847_).
> 
> I don't really know where to start to fix the bug. My hypothesis is that 
> perhaps this is because I'm using Apache2::Cookie, which itself uses 
> libaprequest, and maybe these modules are not meant to be used in an 
> early Apache phase, and leave the input stream in an buggy state. I 
> looked at a couple of other authentication modules using cookies, but 
> they don't seem to use the Apache2::Cookie API.
> 
> Is that the hypothesis correct ? Does anybody have good advice on that 
> problem ?

There is a lot of code on CPAN using libapreq and/or Apache2::Cookie in 
every phase, so I very seriously doubt that that's a problem.  The first 
thing i'd do in your situation would be to make sure that the bug 
doesn't exist in Apache2::AuthenNTLM, to confirm it's actually specific 
to you're extention.

Telling us what exactly 'gets corrupted' means might help too (ie 
error_log details, or whatever you're seeing).

Adam
[prev in list] [next in list] [prev in thread] [next in thread]