Dami Laurent (PJ) wrote:
Hi everybody,
I recently wrote an extension to Apache2::AuthenNTLM in order to store
the NTLM authentified username in a cookie (module
_http://search.cpan.org/dist/Apache2-AuthenNTLM-Cookie/_).
Now I found out that this module has a critical bug : the content of
POST requests gets corrupted (bug
_http://rt.cpan.org/Ticket/Display.html?id=36847_).
I don't really know where to start to fix the bug. My hypothesis is that
perhaps this is because I'm using Apache2::Cookie, which itself uses
libaprequest, and maybe these modules are not meant to be used in an
early Apache phase, and leave the input stream in an buggy state. I
looked at a couple of other authentication modules using cookies, but
they don't seem to use the Apache2::Cookie API.
Is that the hypothesis correct ? Does anybody have good advice on that
problem ?
There is a lot of code on CPAN using libapreq and/or Apache2::Cookie in
every phase, so I very seriously doubt that that's a problem. The first
thing i'd do in your situation would be to make sure that the bug
doesn't exist in Apache2::AuthenNTLM, to confirm it's actually specific
to you're extention.
Telling us what exactly 'gets corrupted' means might help too (ie
error_log details, or whatever you're seeing).
Adam
