Bengt-Arne Fjellner wrote:
> Hi. Im working on a modperl login module that amongst others will check for 
> https
> If not https I want to give an error page instead.

you'll need something like Apache::SSLLookup to determine https during the
authen phase.

> Is it possible to return html from an authen handler ?

yes.

> How?

see Apache::Motd and it's use of DONE as an example.  if it's not clear see
recipe 11.4 in the mod_perl cookbook.  not that this is the best or most
idiomatic approach, but you asked about what's possible :)

> Is it possible to create a temporary <location> ... </location> from this 
> handler?

not really.  what you would probably to instead was sliently create a
<Location> in apache's configuration on module load instead.  see

http://www.modperlcookbook.org/~geoff/modules/experimental/Apache-ReverseLocation-0.01.tar.gz

as an example on how to do that.  but again, I wouldn't do it that way.  see
below...

> Or give an internal_redirect directly to code?

nope, can't do that.

> Questions because i want the errorpage to be inside the same module and only
> availible for these requests.

in general you're not really thinking about the request cycle properly.  if
you want to enforce https you probably ought to use a PerlAccessHandler and
return FORBIDDEN unless https and push a PerlAuthenHandler otherwise, then
use the authentication phase for what it's for - authenticating your user.

if you want an error page, use $r->custom_response() to set up the error
content for FORBIDDEN.  that's a far more idiomatic approach :)

HTH

--Geoff

Reply via email to