Re: mod_perl waters too deep

Mon, 14 Dec 2009 08:37:23 -0800 

Tosh Cooey wrote:
You may have seen my other recent questions to the list this month, the gist of which is: 


I want to setup an application for multiple clients, each of whom have 
their own users.


http://www.site.com/clientA/application.pl
http://www.site.com/clientB/application.pl
http://www.site.com/clientX/application.pl


So the users of "clientA" log in to 
http://www.site.com/clientA/application.pl and are authenticated with 
Apache2::AuthCookieDBI



Now the directories clientA, clientB, etc. do not exist, I'm using 
mod_rewrite to sort that out, and here starts my problems.  First I'm 
lost with authenticating since there's no "real" resource to 
authenticate against, but I seem to have solved that by forcing 
authentication against all *.pl files which luckily do exist ;)


It gets more complicated later because some URLs like

http://www.site.com/clientA/iCal can't use session cookies but have to 
use BASIC AUTH, and other *.pl files can't have any authentication 
applied against them.



Hi.  I kind of remember your posts, and kind of remember also that I 
thought that you were going about this the hard way.



I am more than willing to assist you professionally (since that's what I 
do for a living), but in the meantime, what stops you from doing 
something like this :


<Location /clientA>
  AuthType MyOwn
  PerlSetVar MyAuthType "form"
  PerlAuthenHandler my::module::dbi-based
  ...
</Location>
<Location /clientA/iCal>
  AuthType MyOwn
  PerlSetVar MyAuthType "basic"
  PerlAuthenHandler my::module::dbi-based (or whatever)
  ...
</Location>
<Location /clientA/somescript.pl>
  AuthType nothing
  PerlSetVar MyAuthType "auto"
  PerlSetVar MyAutoId "anonymous"
  PerlAuthenHandler my::module::dbi-based (or whatever)
</Location>

<Location /clientB>
  AuthType MyOwn
  PerlSetVar MyAuthType "form"
  PerlAuthenHandler my::module::dbi-based
  ...
</Location>
<Location /clientB/iCal>
  AuthType MyOwn
  PerlSetVar MyAuthType "basic"
  PerlAuthenHandler my::module::dbi-based (or whatever)
  ...
</Location>
etc...

(You can use LocationMatch in case you need finer control)


If you really have only a few different "clientX", then that seems like 
an easy enough configuration.
(If you have many, then it may be easier to do this another way, and 
have your module determine which "clientX" this is and react appropriately.)




Apache itself will pick the "most precise" matching Location section 
applying to the request URL.
Your authentication module should check on $r->dir_config('MyAuthType') 
to determine what kind of authentication to use with the client 
(form-based, basic or none).


Maybe it is not time for a nervous breakdown yet..
;-)
























					Reply via email to