RE: Sections

Philippe M. Chiasson Tue, 10 Feb 2004 15:22:52 -0800

On Tue, 2004-02-10 at 08:28 -0800, Dooley, Michael wrote:
> CORRECTION:
> 
> ERROR:
> [Tue Feb 10 08:26:06 2004] [error] Bad/Missing NTLM/Basic Authorization
> Header for /
> [Tue Feb 10 08:26:06 2004] [error] No PDC and no fallbackdomain given for
> domain DOMAIN


Well, there are many things not quite right with your approach.

> <Perl>
> if ( $ENV{REMOTE_ADDR} = '192.168.0.24') {

you must have meant if ( $ENV{REMOTE_ADDR} == '192.168.0.24') {

But more importantly, <Perl> sections control configuration at startup
time, not request time.  So your check for REMOTE_ADDR will not do what
you expect it to.

Remember <Perl> sections are just a smart and cool way to use Perl to
_configure_ your server.

If what you are trying to do is to alter authentication requirements at
request-time, based on the remote-ip, what you need is most likely an
PerlAccessHandler like this one :

<Perl >
sub MyApache::AccessHandler::handler {
        my $r = shift;

        if ($r->connection->remote_ip eq "192.168.0.24" ) {
                $r->ap_auth_type("ntlm");
                $r->push_handlers('PerlAuthenHandler' =>  "Apache::AuthenNTLM");
                $r->dir_config('ntlmdebug' => 1);
                $r->dir_config('ntdomain' => 'DOMAIN PDC BDC");
        }
        return Apache::DECLINED;
}
</Perl>

<Location />
        PerlAccessHandler MyApache::AccessHandler
        AuthType Basic
        AuthName testing
        AuthUserFile "www/secure/passwd"
        AuthGroupFile "www/secure/group"
        require valid-user
</Location>


>         $Location{"/"} = {
>                 PerlAuthenHandler => "Apache::AuthenNTLM",
>                 AuthType => "ntlm",
>                 require => "valid-user",
>                 PerlAddVar  => {ntdomain => "DOMAIN   PDC     BDC",},
>                 PerlSetVar => {ntlmdebug => 1,},
>         };
> } else {
>         $Location{"/"} = {
>                 AuthType => "Basic",
>                 require => "valid-user",
>                 AuthName => "testing",
>                 AuthUserFile => "www/secure/passwd",
>                 AuthGroupFile => "www/secure/group",


>         };
> }
> </Perl>
> 
> -- 
> Reporting bugs: http://perl.apache.org/bugs/
> Mail list info: http://perl.apache.org/maillist/modperl.html
> List etiquette: http://perl.apache.org/maillist/email-etiquette.html
-- 
--------------------------------------------------------------------------------
Philippe M. Chiasson /gozer\@(cpan|ectoplasm)\.org/ 88C3A5A5 (122FF51B/C634E37B)
http://gozer.ectoplasm.org/    F9BF E0C2 480E 7680 1AE5 3631 CB32 A107 88C3 A5A5
Q: It is impossible to make anything foolproof because fools are so ingenious.
perl -e'$$=\${gozer};{$_=unpack(P7,pack(L,$$));/^JAm_pH\n$/&&print||$$++&&redo}'

signature.asc
Description: This is a digitally signed message part

RE: Sections

Reply via email to