[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-modperl
Subject: Re: Apache2:AuthCookie With httpd 2.4
From: Scott Alexander <Scott.Alexander () humak ! fi>
Date: 2020-05-14 18:04:31
Message-ID: HE1PR03MB2938B21805D4C9A90EC582B89CBC0 () HE1PR03MB2938 ! eurprd03 ! prod ! outlook ! com
[Download RAW message or body]
HI,
Users will login via a form.
Users and their passwords are saved to a mysql database. Getting a hadle to teh db \
and checking is fine.
Expected users about 500.
I understand I must make a
sub authen_cred which creates a session key
and
sub authen_ses_key to find user from session and return it.
is the sub authenticate what looks for a user and if no user returns what?
Then in /systems/achilles/lib/Apache2_4/AuthCookieHandler.pm
I have a sub authenticate but what should I return now in ssl_error_log I get "No \
authentication done but request not allowed without authentication for "
If I remove sub authenticate then I get a 403 forbidden and none of the other subs \
get called.
package Apache2_4::AuthCookieHandler;
use strict;
use Apache2::AuthCookieHandler;
use Apache2::Const qw(AUTHZ_DENIED_NO_USER);
use Apache2::RequestRec;
use Apache::AuthCookie::Util qw(is_blank);
use vars qw(@ISA);
@ISA = qw(Apache2::AuthCookieHandler);
my %Dwarves = map { $_ => 1 }
qw(bashful doc dopey grumpy happy sleepy sneezy programmer);
# authz under apache 2.4 is very different from previous versions
sub dwarf {
my ($self, $r) = @_;
$r->server->log_error("dwarf entry");
my $user = $r->user;
if (is_blank($user)) {
$r->server->log_error("No user authenticted yet");
return Apache2::Const::AUTHZ_DENIED_NO_USER;
}
elsif (defined $Dwarves{$user}) {
$r->server->log_error("$user is a dwarf");
return Apache2::Const::AUTHZ_GRANTED;
}
else {
$r->server->log_error("$user is not a dwarf");
return Apache2::Const::AUTHZ_DENIED;
}
}
sub authenticate {
my $self = shift;
my $r = shift;
$r->server->log_error("LINE 42 2.4");
return WHAT HERE ?
}
sub login {
my $self = shift;
my $r = shift;
$r->server->log_error("LINE 53 2.4");
}
1;
Terveisin/Regards
Scott Alexander
scott.alexander@humak.fi<mailto:scott.alexander@humak.fi>
________________________________
From: André Warnier (tomcat/perl) <aw@ice-sa.com>
Sent: 14 May 2020 14:40
To: modperl@perl.apache.org <modperl@perl.apache.org>
Subject: Re: Apache2:AuthCookie With httpd 2.4
Hi.
Just some tips, to simplify the issue, below in the text :
On 14.05.2020 06:09, Scott Alexander wrote:
> Hi,
>
> Thanks for your answer, but for me this is confusing.
>
> I have
>
> Apache2_4::AuthCookie is up to date. (3.30)
> Apache2::AuthCookie is up to date. (3.30) <--- you do not need this with Apache \
> 2.4 Server version: Apache/2.4.6 (CentOS)
> Server built: Apr 2 2020 13:13:23
>
> at the end of /etc/httpd/conf.d/ssl.conf there is include
> /systems/achilles/config/mine_auth_cookie_mod_perl_server_apache2.conf
>
> my @inc has /systems/achilles/lib
> and I have /systems/achilles/lib/Apache2/AuthCookieHandler.pm
> and /systems/achilles/lib/Apache2_4/AuthCookieHandler.pm
>
> in both AuthCookieHandler.pm I've renamed the package line to eg
> package Apache2_4::AuthCookieHandler;
>
>
> In the directory I want to protect should I have
>
Not with Apache 2.4 :
> AuthType Apache2::AuthCookieHandler
> AuthName WhatEver
> PerlAuthenHandler Apache2::AuthCookieHandler->authenticate
> Require valid-user
>
> or
>
this is what you need with Apache 2.4 :
> AuthType Apache2_4::AuthCookieHandler
> AuthName WhatEver
> PerlAuthenHandler Apache2_4::AuthCookieHandler->authenticate
> Require valid-user
>
> And then what subs/methods I need to add into which AuthCookieHandler.pm ?
>
> in startup.pl should I have both or just one?
>
> use Apache2::AuthCookie ; <-- you do not need this
> use Apache2_4::AuthCookie ; <-- this is correct for Apache 2.4
>
> I am not porting from 2.2. I have used Shibboleth until now to protect directories \
> but this project I can not use Shibboleth.
>
And how exactly do you want the user to authenticate ? via a login page where they \
enter their id and password ?
And what is the way in which you are going to check that these id and password are \
correct ? (in other words : where are the user ids and passwords stored ?)
And how many different users are you planning to have ?
>
>
> Terveisin/Regards
> **
> *Scott Alexander*
>
> scott.alexander@humak.fi <mailto:scott.alexander@humak.fi>
>
> ------------------------------------------------------------------------------------------
>
> *From:* Edward J. Sabol <edwardjsabol@gmail.com>
> *Sent:* 12 May 2020 00:58
> *To:* Scott Alexander <Scott.Alexander@humak.fi>
> *Cc:* mod_perl list <modperl@perl.apache.org>
> *Subject:* Re: Apache2:AuthCookie With httpd 2.4
> On May 11, 2020, at 8:58 AM, Scott Alexander <Scott.Alexander@humak.fi> wrote:
> > I've included using \
> > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmanpages.debian. \
> > org%2Funstable%2Flibapache2-authcookie-perl%2FApache2_4%3A%3AAuthCookie.3pm.en.htm \
> > l&data=02%7C01%7C%7Ccdbbc0aa22f9475f865b08d7f7fbb14a%7Ca30a558eb6084b2c8f39a7f \
> > a426fa49d%7C0%7C0%7C637250532694682960&sdata=i%2BubRiml7K8%2B3s8kLtcpY3blwpCmrNkM6Z337p07%2Bi4%3D&reserved=0
> >
> as an example
> >
> > # In httpd.conf or .htaccess:
> > PerlModule Sample::Apache2::AuthCookieHandler
> > PerlSetVar WhatEverPath / .....
> >
> > to my ssl.conf file
> >
> > No changes made to httpd.conf or ssl.conf.
>
> Those two statements seem to be conflicting? I keep my authentication/authorization
> information in httpd.conf, personally.
>
> > When trying to access the page I get the errors above.
>
> That sample configuration from the POD assumes that you are subclassing
> Apache2::AuthCookie and that the name of your subclass is
> Sample::Apache2::AuthCookieHandler. It's meant to be illustrative. I'm guessing you \
> don't actually have such a subclass. Try just removing the "Sample::" part. You can \
> probably also find working examples in the tests in the "t" subdirectory.
>
> > I've read this https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fm \
> > etacpan.org%2Fpod%2Fdistribution%2FApache-AuthCookie%2FREADME.apache-2.4.pod&d \
> > ata=02%7C01%7C%7Ccdbbc0aa22f9475f865b08d7f7fbb14a%7Ca30a558eb6084b2c8f39a7fa426fa4 \
> > 9d%7C0%7C0%7C637250532694682960&sdata=tiVA1Oic5tVnRV7BAaVaGkcCeW7tukWkt1925QBLSdA%3D&reserved=0
> > which unfortunately doesn't make sense to me.
>
> That POD is meant for people developing (or porting from Apache 2.2.x) their own \
> Perl modules for doing authentication and authorization under Apache 2.4.x. \
> AuthCookie already handles all of this for you, assuming you only need or use \
> AuthCookie. It might apply if you are subclassing from AuthCookie and you get into \
> the gritty details, such as implementing your own AuthzProvider. Check out \
> Apache2_4::AuthCookieDBI for an example of that.
>
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmetacpan.org%2Fpod \
> %2FApache2_4%3A%3AAuthCookieDBI&data=02%7C01%7C%7Ccdbbc0aa22f9475f865b08d7f7fbb1 \
> 4a%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C637250532694682960&sdata=igwPJCk%2Buknkk4cEuMBGoYljInf2k5zVJf0z5CH8t9c%3D&reserved=0
>
> Regards,
> Ed
>
[Attachment #3 (text/html)]
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} \
</style> </head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> HI,</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> Users will login via a form. <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> Users and their passwords are saved to a mysql database. \
Getting a hadle to teh db and checking is fine. <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> Expected users about 500. <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> I understand I must make a <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> sub authen_cred which creates a session key <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> and</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> sub authen_ses_key to find user from session and return it. \
<br> </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> is the sub authenticate what looks for a user and if no user \
returns what?<br> </div>
<br>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> Then in /systems/achilles/lib/Apache2_4/AuthCookieHandler.pm \
<br> </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> I have a sub authenticate but what should I return now in \
ssl_error_log I get "No authentication done but request not allowed without \
authentication for "<br> </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> If I remove sub authenticate then I get a 403 forbidden and \
none of the other subs get called. <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <span>package Apache2_4::AuthCookieHandler;<br>
</span>
<div><br>
</div>
<div>use strict;<br>
</div>
<div>use Apache2::AuthCookieHandler;<br>
</div>
<div>use Apache2::Const qw(AUTHZ_DENIED_NO_USER);<br>
</div>
<div>use Apache2::RequestRec;<br>
</div>
<div>use Apache::AuthCookie::Util qw(is_blank);<br>
</div>
<div>use vars qw(@ISA);<br>
</div>
<div><br>
</div>
<div>@ISA = qw(Apache2::AuthCookieHandler);<br>
</div>
<div><br>
</div>
<div>my %Dwarves = map { $_ => 1 }<br>
</div>
<div> qw(bashful doc dopey grumpy happy sleepy sneezy programmer);<br>
</div>
<div><br>
</div>
<div># authz under apache 2.4 is very different from previous versions<br>
</div>
<div>sub dwarf {<br>
</div>
<div> my ($self, $r) = @_;<br>
</div>
<div><br>
</div>
<div> $r->server->log_error("dwarf entry");<br>
</div>
<div> my $user = $r->user;<br>
</div>
<div> if (is_blank($user)) {<br>
</div>
<div> $r->server->log_error("No user \
authenticted yet");<br> </div>
<div> return Apache2::Const::AUTHZ_DENIED_NO_USER;<br>
</div>
<div> }<br>
</div>
<div> elsif (defined $Dwarves{$user}) {<br>
</div>
<div> $r->server->log_error("$user is a \
dwarf");<br> </div>
<div> return Apache2::Const::AUTHZ_GRANTED;<br>
</div>
<div> }<br>
</div>
<div> else {<br>
</div>
<div> $r->server->log_error("$user is not a \
dwarf");<br> </div>
<div> return Apache2::Const::AUTHZ_DENIED;<br>
</div>
<div> }<br>
</div>
<div>}<br>
</div>
<div><br>
</div>
<div>sub authenticate {<br>
</div>
<div> my $self = shift;<br>
</div>
<div> my $r = shift;<br>
</div>
<div><br>
</div>
<div> $r->server->log_error("LINE 42 2.4");</div>
<div> <br>
</div>
<div><br>
</div>
<div> return WHAT HERE ? <br>
</div>
<div>}<br>
</div>
<div><br>
</div>
<div>sub login {<br>
</div>
<div> my $self = shift;<br>
</div>
<div> my $r = shift;<br>
</div>
<div><br>
</div>
<div> $r->server->log_error("LINE 53 2.4");<br>
</div>
<div><br>
</div>
<div>}<br>
</div>
<div><br>
</div>
<div>1;<br>
</div>
<span></span><br>
</div>
<div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; \
color: rgb(0, 0, 0);"> <br>
</div>
<div id="Signature">
<div id="divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:#000000; \
background-color:#FFFFFF; font-family:Calibri,Arial,Helvetica,sans-serif"> <div \
name="divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif; \
font-size:; margin:0"> <font size="2" face="Calibri,sans-serif" color="black"><span \
style="font-size:14px"> <div>
<div style="margin:0"><font size="2" face="Calibri,sans-serif"><span \
style="font-size:11pt"><span \
lang="en-US">Terveisin/Regards</span></span></font></div> <div style="margin:0"><font \
size="2" face="Calibri,sans-serif"><span style="font-size:11pt"><span \
lang="en-US"><b> </b></span></span></font></div> <div style="margin:0"><font \
size="2" face="Calibri,sans-serif"><span style="font-size:11pt"><span \
lang="en-US"><b>Scott Alexander</b></span></span></font></div> <font size="2" \
face="Calibri,sans-serif"><span style="font-size:11pt"><font size="2"><span \
style="font-size:9pt" lang="en-US"></span></font></span></font><br> <font size="2" \
face="Calibri,sans-serif"><span style="font-size:11pt"><font size="2"><span \
style="font-size:9pt" lang="en-US"></span></font></span></font> <div \
style="margin:0"><font size="2" face="Calibri,sans-serif"><span \
style="font-size:11pt"><font size="2"><span style="font-size:9pt" lang="en-US"><br> \
</span></font></span></font></div> <div style="margin:0"><font size="2" \
face="Calibri,sans-serif"><span style="font-size:11pt"><a target="_blank" \
href="mailto:scott.alexander@humak.fi" tabindex="0"><font size="2"><span \
style="font-size:9pt">scott.alexander@humak.fi</span></font></a></span></font></div> \
</div> </span></font></div>
</div>
</div>
</div>
<div>
<div id="appendonsend"></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; \
color:rgb(0,0,0)"> <br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, \
sans-serif" color="#000000"><b>From:</b> André Warnier (tomcat/perl) \
<aw@ice-sa.com><br> <b>Sent:</b> 14 May 2020 14:40<br>
<b>To:</b> modperl@perl.apache.org <modperl@perl.apache.org><br>
<b>Subject:</b> Re: Apache2:AuthCookie With httpd 2.4</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt">
<div class="PlainText">Hi.<br>
Just some tips, to simplify the issue, below in the text :<br>
<br>
<br>
On 14.05.2020 06:09, Scott Alexander wrote:<br>
> Hi,<br>
> <br>
> Thanks for your answer, but for me this is confusing.<br>
> <br>
> I have<br>
> <br>
> Apache2_4::AuthCookie is up to date. (3.30)<br>
> Apache2::AuthCookie is up to date. (3.30) <--- you do not need \
this with Apache 2.4<br> > Server version: Apache/2.4.6 (CentOS)<br>
> Server built: Apr 2 2020 13:13:23<br>
> <br>
> at the end of /etc/httpd/conf.d/ssl.conf there is include <br>
> /systems/achilles/config/mine_auth_cookie_mod_perl_server_apache2.conf<br>
> <br>
> my @inc has /systems/achilles/lib<br>
> and I have /systems/achilles/lib/Apache2/AuthCookieHandler.pm<br>
> and /systems/achilles/lib/Apache2_4/AuthCookieHandler.pm<br>
> <br>
> in both AuthCookieHandler.pm I've renamed the package line to eg<br>
> package Apache2_4::AuthCookieHandler;<br>
> <br>
> <br>
> In the directory I want to protect should I have<br>
> <br>
<br>
Not with Apache 2.4 :<br>
<br>
> AuthType Apache2::AuthCookieHandler<br>
> AuthName WhatEver<br>
> PerlAuthenHandler Apache2::AuthCookieHandler->authenticate<br>
> Require valid-user<br>
> <br>
> or<br>
> <br>
<br>
this is what you need with Apache 2.4 :<br>
<br>
> AuthType Apache2_4::AuthCookieHandler<br>
> AuthName WhatEver<br>
> PerlAuthenHandler Apache2_4::AuthCookieHandler->authenticate<br>
> Require valid-user<br>
> <br>
> And then what subs/methods I need to add into which AuthCookieHandler.pm ?<br>
> <br>
> in startup.pl should I have both or just one?<br>
> <br>
<br>
> use Apache2::AuthCookie ; <-- you do not need this<br>
> use Apache2_4::AuthCookie ; <-- this is correct for Apache 2.4<br>
> <br>
<br>
> I am not porting from 2.2. I have used Shibboleth until now to protect \
directories but <br>
> this project I can not use Shibboleth.<br>
><br>
<br>
And how exactly do you want the user to authenticate ? via a login page where they \
enter <br>
their id and password ?<br>
And what is the way in which you are going to check that these id and password are \
correct ?<br> (in other words : where are the user ids and passwords stored ?)<br>
And how many different users are you planning to have ?<br>
<br>
<br>
> <br>
> <br>
> Terveisin/Regards<br>
> **<br>
> *Scott Alexander*<br>
> <br>
> scott.alexander@humak.fi <<a \
href="mailto:scott.alexander@humak.fi">mailto:scott.alexander@humak.fi</a>><br> \
> <br> > ------------------------------------------------------------------------------------------<br>
> *From:* Edward J. Sabol <edwardjsabol@gmail.com><br>
> *Sent:* 12 May 2020 00:58<br>
> *To:* Scott Alexander <Scott.Alexander@humak.fi><br>
> *Cc:* mod_perl list <modperl@perl.apache.org><br>
> *Subject:* Re: Apache2:AuthCookie With httpd 2.4<br>
> On May 11, 2020, at 8:58 AM, Scott Alexander <Scott.Alexander@humak.fi> \
wrote:<br> >> I've included using <a \
href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmanpages.debia \
n.org%2Funstable%2Flibapache2-authcookie-perl%2FApache2_4%3A%3AAuthCookie.3pm.en.html& \
amp;amp;data=02%7C01%7C%7Ccdbbc0aa22f9475f865b08d7f7fbb14a%7Ca30a558eb6084b2c8f39a7fa4 \
26fa49d%7C0%7C0%7C637250532694682960&amp;sdata=i%2BubRiml7K8%2B3s8kLtcpY3blwpCmrNkM6Z337p07%2Bi4%3D&amp;reserved=0">
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmanpages.debian.org \
%2Funstable%2Flibapache2-authcookie-perl%2FApache2_4%3A%3AAuthCookie.3pm.en.html&a \
mp;data=02%7C01%7C%7Ccdbbc0aa22f9475f865b08d7f7fbb14a%7Ca30a558eb6084b2c8f39a7fa426fa4 \
9d%7C0%7C0%7C637250532694682960&amp;sdata=i%2BubRiml7K8%2B3s8kLtcpY3blwpCmrNkM6Z337p07%2Bi4%3D&amp;reserved=0</a>
<br>
> as an example<br>
>> <br>
>> # In httpd.conf or .htaccess:<br>
>> PerlModule Sample::Apache2::AuthCookieHandler<br>
>> PerlSetVar WhatEverPath / ..... <br>
>> <br>
>> to my ssl.conf file<br>
>> <br>
>> No changes made to httpd.conf or ssl.conf.<br>
> <br>
> Those two statements seem to be conflicting? I keep my \
authentication/authorization <br>
> information in httpd.conf, personally.<br>
> <br>
>> When trying to access the page I get the errors above. <br>
> <br>
> That sample configuration from the POD assumes that you are subclassing <br>
> Apache2::AuthCookie and that the name of your subclass is <br>
> Sample::Apache2::AuthCookieHandler. It's meant to be illustrative. I'm guessing \
you don't <br>
> actually have such a subclass. Try just removing the "Sample::" part. \
You can probably <br>
> also find working examples in the tests in the "t" subdirectory.<br>
> <br>
>> I've read this <a \
href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmetacpan.org%2 \
Fpod%2Fdistribution%2FApache-AuthCookie%2FREADME.apache-2.4.pod&amp;data=02%7C01%7 \
C%7Ccdbbc0aa22f9475f865b08d7f7fbb14a%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C6372 \
50532694682960&amp;sdata=tiVA1Oic5tVnRV7BAaVaGkcCeW7tukWkt1925QBLSdA%3D&amp;reserved=0">
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmetacpan.org%2Fpod% \
2Fdistribution%2FApache-AuthCookie%2FREADME.apache-2.4.pod&amp;data=02%7C01%7C%7Cc \
dbbc0aa22f9475f865b08d7f7fbb14a%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C637250532 \
694682960&amp;sdata=tiVA1Oic5tVnRV7BAaVaGkcCeW7tukWkt1925QBLSdA%3D&amp;reserved=0</a><br>
>> which unfortunately doesn't make sense to me. <br>
> <br>
> That POD is meant for people developing (or porting from Apache 2.2.x) their own \
Perl <br>
> modules for doing authentication and authorization under Apache 2.4.x. \
AuthCookie already <br>
> handles all of this for you, assuming you only need or use AuthCookie. It might \
apply if <br>
> you are subclassing from AuthCookie and you get into the gritty details, such as
<br>
> implementing your own AuthzProvider. Check out Apache2_4::AuthCookieDBI for an \
example of <br>
> that.<br>
> <br>
> <a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmetacp \
an.org%2Fpod%2FApache2_4%3A%3AAuthCookieDBI&amp;data=02%7C01%7C%7Ccdbbc0aa22f9475f \
865b08d7f7fbb14a%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C637250532694682960&amp;sdata=igwPJCk%2Buknkk4cEuMBGoYljInf2k5zVJf0z5CH8t9c%3D&amp;reserved=0">
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmetacpan.org%2Fpod% \
2FApache2_4%3A%3AAuthCookieDBI&amp;data=02%7C01%7C%7Ccdbbc0aa22f9475f865b08d7f7fbb \
14a%7Ca30a558eb6084b2c8f39a7fa426fa49d%7C0%7C0%7C637250532694682960&amp;sdata=igwPJCk%2Buknkk4cEuMBGoYljInf2k5zVJf0z5CH8t9c%3D&amp;reserved=0</a><br>
> <br>
> Regards,<br>
> Ed<br>
> <br>
<br>
</div>
</span></font></div>
</div>
</body>
</html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic