I would like to use my module in another configuration where group is
checked
<Location /test_group>
PerlAuthHandler My::Auth
Require group group1
....
</Location>
I can not find any mod_perl API method (Apache2::RequestRec::group ?) to set
the group.
that's right.
you have control over the user via the httpd (and thus mod_perl) API,
just as the user does via a dialogue box in their browser. but
mod_authz_owner maps that user to a group via standard unix gid methods.
I have no idea how this works on win32 ;)
I only found Apache2::RequestRec::require method, but this method
only read the require configuration.
One way to solve the problem is the modify the My::Auth::handler method :
package My::Auth;
sub {
....
$r->user('getting the user in my module internal structure');
my $requires = $r->requires;
# here the code to verify authorization
return OK;
}
but I think this is a workaround:
. My::Auth::handler is an AUTHENTICATION handler
yes - is the user who they say they are.
. the code to verify the AUTHORIZATION should have to be executed by the
httpd core.
exactly :)
your wanting to do something with group is an authz function, not an
authen function.
How can I manage authorization in this case ?
the 'Require group foo' directive explicity means you want unix user ->
unix group mapping done in the authz phase. if you want something from
this different write your own PerlAuthzHandler. see recipe 3.16 here
http://www.modperlcookbook.org/chapters/ch13.pdf
it's mod_perl 1.0 based, but the ideas are the same, and the techniques
and API nearly identical.
HTH
--Geoff
