I am experiencing a problem with the REMOTE_USER environment variable after an upgrade to Apache 2. We are using AuthDBI to authenticate users, which uses basic authentication with the browser to request their details. Hence the use of REMOTE_USER.
Users authenticate fine and seem to be working with no problems, but when there are multiple people using the system the REMOTE_USER environment variable gets set to seemingly random user names, and the users keep stepping on each other. The CGI module is being used and initially I thought the problem was there, as the username is retrieved ala "$USER = remote_user", however after looking at the CGI.pm code, all it does is return the value of the REMOTE_USER environment variable. Unfortunately it seems that the AuthDBI module has not been ported to the Apache2/mod_perl2 APIs, so we have to run it under the compatibility layer. Ech! Any known problems there? Looks to me like the environment variables aren't being reset correctly after each request, and they are sticking around with the Apache process. I tried logging "$r->user()" to see if that was more reliable, but no luck there either. It seems to be empty more than wrong, so I guess it is doing something different, but still no good. Maybe it is indicative of where the problem lies though. Thinking of anything else that might be useful in solving this problem: Apache MPM: prefork PerlHandler ModPerl::Registry Apache 2.0.46 mod_perl 1.99_09 Perl 5.8.0 OS Linux 2.4.21-20.0.1 smp Distribution RHELv3 This code has been running under mod_perl1 for a few years now, so the problems seem to be related to the software upgrade, rather than the usual problems related to bad scripts. Any help would be gladly appreciated as I have an application that is basically unusable at the moment. Please ask questions if you need more info. Thanks! Owen Berry
