mod_perl Basic Auth
mod_perl Recipe
|
|
[ home ]
-
[ search ]
-
[ sitemap ]
[ mod_perl ] - [ mod_perl Basic Auth Challenge ]
Challenge
- http://www.example.com/my/ should be password protected through a Custom Basic Authorization
- Under /my/x/ you want to run executable scripts which are protected through the Basic Auth as well
- You want putting static HTML pages under /my/, e.g. /my/hello.html which should be accessible through a Web Browser
- You'd like to run scripts in mod_perl fashion within this Basic Auth along the possibilty to configure a CGI directory
Recipe
Edit your httpd.conf (or ssl.conf)
<VirtualHost>
...
# --- CGI replacement:
Alias /my/x/ /usr/local/apache2/ssl.pgate.net/my/x/
<Location /my/x/>
SetHandler perl-script
PerlHandler ModPerl::Registry
PerlSendHeader On
Options +ExecCGI
</Location>
<Location /my/>
AuthType Basic
AuthName "The GATE"
Require valid-user
# mod_perl Basic Auth:
PerlAuthenHandler Custom::Login
ErrorDocument 401 /nok.htm
</Location>
...
</VirtualHost>
Login.pm
Following Perl Modul has to be located within on of Perl's search path, typically /usr/lib/perl5/site_perl/.
package Custom::Login;
use strict;
use warnings;
# ---------------------------------------------------
# Basic Auth Sample
# (c) retoh :)
# ---------------------------------------------------
use Apache::Access ();
use Apache::RequestUtil ();
use Apache::RequestRec (); # Always needed
use Apache::RequestIO (); # Needed by Apache::RequestRec!
use Apache::Const -compile => qw(OK DECLINED AUTH_REQUIRED);
sub handler {
my $r = shift;
my ($status, $password) = $r->get_basic_auth_pw;
return $status unless $status == Apache::OK;
my $user = $r->user;
if ($user) {
my $auth_name = $r->auth_name;
if ($user eq 'foo') {
# -- We don't allow foo ;-)
$r->note_basic_auth_failure;
return Apache::AUTH_REQUIRED;
}
else {
return Apache::OK;
}
}
else {
$r->note_basic_auth_failure;
return Apache::AUTH_REQUIRED;
}
}
1;
|