[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-modperl
Subject:    Re: Perl Authorization handler called before authentication handler
From:       Jie Gao <J.Gao () sydney ! edu ! au>
Date:       2015-06-26 7:01:35
Message-ID: 20150626070135.GF426 () inforich ! ucc ! usyd ! edu ! au
[Download RAW message or body]

* Lathan Bidwell <lathan@andrews.edu> wrote:

> Date: Fri, 12 Sep 2014 12:14:35 -0400
> From: Lathan Bidwell <lathan@andrews.edu>
> To: modperl@perl.apache.org
> Subject: Perl Authorization handler called before authentication handler
 
Not sure if you still need this, but my findings are it is the
correct behaviour under Apache24 for the authz to run first; if anything
in authz requires any info from the authn phase, authn will be
run and authz will be re-run after that.

As authz behaves "drastically" different under ap24 (for the better),
any existing ap2.* modperl authn/authz modules will need to be overhauled.

You can play with the RequireAll/RequireAny containers to get a hang of it.
I am certainly exploring it now myself.

Regards,


Jie


> I have looked all around apache's documentation on how to upgrade from 2.2
> to 2.4, but they don't include much about using PerlAddAuthzProvider or
> PerlAuthenHandler.
> 
> I have this config section:
> 
> PerlAddAuthzProvider membersuser Application::User::Members->authorize24
> 
> <DirectoryMatch ^.*/members/>
>         DirectoryIndex disabled
>         PerlAuthenHandler       Application::User::Members->authenticate24
>         #PerlAuthenHandler      Application::User::Members::authenticate24
> 
>         AuthType        Application::User::Members
>         AuthName        "Members"
> 
>         Require membersuser testing123
> </DirectoryMatch>
> 
> 
> But for some reason, my authorize24 subroutine is being called before my
> authenticate24 subroutine.
> 
> I have simplified those 2 subroutines down to printing debugging info to
> the error log, (the authen sub sets $r->user('testing')), but I cannot
> figure out why the handlers are called in the wrong order.
> 
> Lathan
[prev in list] [next in list] [prev in thread] [next in thread]