gs work in 2.4.
your authz_user() will be called (up to) two times.
1. Before authentication where $r->user is not set. The purpose of this
is to allow you to handle *anonymous* authorization. You can return
AUTHZ_GRANTED here and no authentication will happen at all I
believe
seems that
the only way to achieve what I want (and which in my views matches the
2.4 general AAA logic), would be to let the authentication method return
Apache2::Const::OK, /even if the user is not authenticated/ by the
configured authentication method.
2) from
https://metacpan.org/pod
hieve what I want (and which in my views matches the 2.4 general AAA logic), would be to
let the authentication method return Apache2::Const::OK, /even if the user is not
authenticated/ by the configured authentication method.
2) from
https://metacpan.org/pod/distribution/Apache-AuthCookie/REA
Hi.
I am trying to figure out what Apache2::Const return codes /can/ be returned by a mod_perl
/authentication/ method under Apache 2.4+, and what consequences each of these return
codes has, in terms of what Apache does next.
(And also, where to find a commented list of the Apache "A
protected by
Apache::AuthDBI, I get an error "No authentication done but request not
allowed without authentication for /rwm/rkm/wiki/index.html.
Authentication not configured?"
The error appear when I try to access / while it is internally resolved
into index.php thanks to "
On 8/24/16 7:40 AM, Tosh Cooey wrote:
> Hi, I've taken a stab at updating Apache2::AuthCookieDBI myself as per:
>
> http://search.cpan.org/~mschout/Apache-AuthCookie/README.apache-2.4.pod
>
> I've changed the parent of Apache2::AuthCookieDBI to
> Apache2_4::AuthCookie but that doesn't seem to wor
14:40:43 +0200 Tosh Cooey wrote:
Am I barking up the wrong tree? Doing something completely wrong? Is
there anybody with knowledge and experience with the 2.4
authentication API that I could hire to update Apache2::AuthCookieDBI?
Thanks for any insight,
No insight, but I registered a ticket for
PerlResponseHandler Apache2::AuthCookieDBI->login
Am I barking up the wrong tree? Doing something completely wrong? Is there
anybody with
knowledge and experience with the 2.4 authentication API that I could hire to
update
Apache2::AuthCookieDBI?
Thanks for any insight,
Tosh
On Wed, 24 Aug 2016 14:40:43 +0200 Tosh Cooey wrote:
> Am I barking up the wrong tree? Doing something completely wrong? Is
> there anybody with knowledge and experience with the 2.4
> authentication API that I could hire to update Apache2::AuthCookieDBI?
>
> Thanks for any insig
okieDBI
AuthName berlin3
SetHandler perl-script
PerlResponseHandler Apache2::AuthCookieDBI->login
Am I barking up the wrong tree? Doing something completely wrong? Is
there anybody with knowledge and experience with the 2.4 authentication
API that I could hire to updat
trying to access a context on a directory protected by
Apache::AuthDBI, I get an error "No authentication done but request not
allowed without authentication for /rwm/rkm/wiki/index.html.
Authentication not configured?"
The error appear when I try to access / while it is internally res
Hello,
Yes! There is one very magic line in your code, which solved my problem. It is
this line:
$r->err_headers_out->set("WWW-Authenticate" => 'Basic realm="My Site"’);
I always used:
$r->headers_out->set("WWW-Authenticate" => 'Basic realm="My Site"’);
When digging into the documentation one
If the resource is not public and the user is not authenticated yet,
you can add the 'WWW-Authenticate' http header and return the
Apache2::Const::HTTP_UNAUTHORIZED status.
This will trigger the browser to show the login dialog.
You can also create a cookie and a session table in a database and ch
Hello,
> On 02 Mar 2016, at 21:26, A. Warnier wrote:
>
>> $o_Req->note_basic_auth_failure();
>> $o_Req->headers_out->set('WWW-Authenticate' => "Basic");
>> $o_Req->headers_out->set('Realm' => "Login");
>
> I believe that the above is supposed to be a single HTTP header, not 2 :
>
> WWW-Authent
On Wed, 2 Mar 2016 17:53:39 +0100
Matthias Schmitt wrote:
> I am trying to handle basic authentication using mod_perl 2.0.9 and Apache
> 2.4.18.
>
>
> BTW, the same Programm runs fine using mod_perl 2.0.6 and Apache 2.2.x.
I don't use basic authentication myself so can
On 02.03.2016 17:53, Matthias Schmitt wrote:
Hello,
I am trying to handle basic authentication using mod_perl 2.0.9 and Apache
2.4.18.
I am getting the first request to my resource. The user is requesting the URL
without any username or password. My program should refuse the access to this
Hello,
I am trying to handle basic authentication using mod_perl 2.0.9 and Apache
2.4.18.
I am getting the first request to my resource. The user is requesting the URL
without any username or password. My program should refuse the access to this
resource and force the web browser to offer a
I need an auth cookie to be valid across all subdomains I have, so it
makes sense to set the cookie domain to .domain.com
However setting that in the Apache config via:
PerlSetVar MyDomain .domain.com
Isn't what I need since I want to be able to use:
domain2.com domain3.com etc depending on w
* Lathan Bidwell wrote:
> Date: Fri, 12 Sep 2014 12:14:35 -0400
> From: Lathan Bidwell
> To: modperl@perl.apache.org
> Subject: Perl Authorization handler called before authentication handler
Not sure if you still need this, but my findings are it is the
correct behaviour under
>On Fri, Sep 12, 2014 at 02:25:49PM -0400, Lathan Bidwell wrote:
> >> The documentation for the AuthType field does not seem to give examples
> for
> >> custom auth handlers.
> >>
> >> The AuthType I put in is the package name that has the auth subroutines
> in
> >> it.
> >>
> >> This is pulled fr
mbers"
> > >
> > > Require membersuser testing123
> > >
> > >
> > >
> > > But for some reason, my authorize24 subroutine is being called before my
> > > authenticate24 subroutine.
> > >
> > > I
t; > But for some reason, my authorize24 subroutine is being called before my
> > authenticate24 subroutine.
> >
> > I have simplified those 2 subroutines down to printing debugging info to
> > the error log, (the authen sub sets $r->user('testing')), but I
1) I am sure that the subroutine is called, because I have warn statements
in each subroutine. I can see in the log that authorization24 is called
before authentication24.
2) The url I've been testing is /services/jacl/members/hi.html
@DirectoryMatch: hm, I suppose it might be slightly faster, bu
ave simplified those 2 subroutines down to printing debugging info to
> the error log, (the authen sub sets $r->user('testing')), but I cannot
> figure out why the handlers are called in the wrong order.
Summary: Hazarding a complete guess : Wrong syntax?
AuthType
"
Lathan Bidwell wrote:
I have looked all around apache's documentation on how to upgrade from 2.2
to 2.4, but they don't include much about using PerlAddAuthzProvider or
PerlAuthenHandler.
I have this config section:
PerlAddAuthzProvider membersuser Application::User::Members->authorize24
I have looked all around apache's documentation on how to upgrade from 2.2
to 2.4, but they don't include much about using PerlAddAuthzProvider or
PerlAuthenHandler.
I have this config section:
PerlAddAuthzProvider membersuser Application::User::Members->authorize24
DirectoryIndex disab
Mark jensen wrote:
Thanks I guess your answer will work for me if I have only static IPs but what I have suggested is an example, my DB or DNS zone is changing dynamically, can mod_perl deal with them as a DB?
sub Handler {
my $r = shift;
my $c = $r->connection;
my $user = $c->remot
Thanks I guess your answer will work for me if I have only static IPs but what
I have suggested is an example, my DB or DNS zone is changing dynamically, can
mod_perl deal with them as a DB?
Mark jensen wrote:
I have seen this link:
http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthzHandler
and as it said: This phase requires a successful authentication from the
previous phase, because a username is needed in order to decide
whether a user is authorized to access
I have seen this link:
http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthzHandler
and as it said: This phase requires a successful authentication from the
previous phase, because a username is needed in order to decide
whether a user is authorized to access the requested resource
($r->user &&
is_admin $r->user)
}
}
}
DECLINED
}
However, apache2 asks for authentication for access to any subdirectory
(because of the Require directive), and denies access if the user
does not provide valid credentials.
One i
On 12 Oct 2011, at 04:06, Fred Moyer wrote:
> You should be able to run 5.14.1 with 2.06-dev available on
> http://perl.apache.org.
>
> If that doesn't work, I'd suggest posting your handlers to this list.
>
> Looking at that symbol error though, it suggests that you may have
> built mod_perl w
, which
> seemed to do everything I need OK. That led me to remove ./site_perl/5.14.1
> altogether, so at least I'm able to run Apache version 2.2.21 with Perl 5.12.4
> and mod_perl 2.0.5.
>
> However authentication still doesn't work. When I call $r->user in my
&g
2.0.5.
However authentication still doesn't work. When I call $r->user in my
authenticaion script for a URL that uses basic authentication, I don't get the
login pop-up at all, and $r->user returns a value of ' (single quote)
when I run make test in mod_perl, the logs sho
On 7/17/2011 1:16 AM, Phil Van wrote:
Back to Vincent's original request about session id and login: how
secure is your session id? Have you signed it? If not, someone can try
to sending random IDs and break your authentication.
Well, if you sign it and sign it properly, you basically e
Le samedi 16 juillet 2011 à 22:16 -0700, Phil Van a écrit :
> Back to Vincent's original request about session id and login:
> (if you are using https, then all the above procedures do not matter)
>
It's via https, yes.
> The second idea is that you may not need to store session on the
> serve
Le samedi 16 juillet 2011 à 21:06 -0400, Perrin Harkins a écrit :
> On Sat, Jul 16, 2011 at 1:01 PM, Vincent Veyron wrote:
> To serialize your session to a string, you can do something like this:
> use Storable qw(nfreeze);
> $serialized = nfreeze \%session;
>
I see the light!
Thanks a bunch f
Back to Vincent's original request about session id and login: how secure is
your session id? Have you signed it? If not, someone can try to sending
random IDs and break your authentication.
Well, if you sign it and sign it properly, you basically end up with the
same idea in those &q
On Sat, Jul 16, 2011 at 1:01 PM, Vincent Veyron wrote:
> As I said, I replaced the call to tie with :
>
> $r->pnotes('session' => Storable::retrieve($session_file));
>
> where $session_file again is retrieved from the cookie.
>
> What I can't find out is : how do I store %session into a database
>
Le vendredi 15 juillet 2011 à 17:59 -0400, Perrin Harkins a écrit :
> I think you're misunderstand. Storable doesn't do this for you. The
> idea is you could capture the session in a variable and write that to
> a database.
>
Let me explain; I used to do :
tie %session, 'Apache::Session::Po
On Thu, Jul 14, 2011 at 3:15 PM, Vincent Veyron wrote:
> OK, I must have missed it in the doc, I'll look again.
I think you're misunderstand. Storable doesn't do this for you. The
idea is you could capture the session in a variable and write that to
a database.
If you'd rather not roll your ow
Le jeudi 14 juillet 2011 à 13:02 -0400, Michael Peters a écrit :
> On 07/14/2011 12:57 PM, Vincent Veyron wrote:
> > Also, I did not find how to store a hash in the database without tie. I
> > read it's possible to use Data::Dumper to write the data in a field and
> > read it as Perl code. Would t
On 07/14/2011 12:57 PM, Vincent Veyron wrote:
This is what I first did, using Apache::Session. But I noticed the call
to tie was very slow (response time around 70ms with it, 15ms without
it), so I changed for Storable because filesystem reads were much
faster.
I don't personally like Apache::
Le jeudi 14 juillet 2011 à 11:34 -0400, Perrin Harkins a écrit :
> On Thu, Jul 14, 2011 at 11:21 AM, Vincent Veyron wrote:
> > Could you explain (very briefly) how clustering prevents file storage of
> > a session?
>
> A cluster in this case means multiple servers, so they don't share a
> filesys
On Thu, Jul 14, 2011 at 11:21 AM, Vincent Veyron wrote:
> Could you explain (very briefly) how clustering prevents file storage of
> a session?
A cluster in this case means multiple servers, so they don't share a
filesystem. There are ways to share files of course, but the common
solution is to
Le mercredi 13 juillet 2011 à 13:19 -0400, Perrin Harkins a écrit :
> On Tue, Jul 12, 2011 at 8:45 AM, Vincent Veyron wrote:
> > -Is there anything wrong with my process?
>
> If it's working for you, then it sounds fine. Needing to invoke
> mod_perl on every hit could be bad if you're trying to
On Tue, Jul 12, 2011 at 8:45 AM, Vincent Veyron wrote:
> -Is there anything wrong with my process?
If it's working for you, then it sounds fine. Needing to invoke
mod_perl on every hit could be bad if you're trying to protect a lot
of otherwise static pages, but it doesn't sound like you are. T
Hi list,
In a recent thread, this exchange took place :
Le lundi 11 juillet 2011 à 21:54 +0200, André Warnier a écrit :
> Szekeres, Edward wrote:
> > It seems to be just an attempt to do what is already done in
> > Apache2::AuthCookie (CPAN), which encapsulates a server side
Hi all,
On 23 Mar 2011, at 20:38, I wrote:
> Actually, even the following causes a segfault:
>
> $r->push_handlers(PerlMapToStorageHandler => Apache2::Const::DECLINED);
Nope, I'm wrong -- that segfaults if I call it from a
PerlPostReadRequestHandler, but not from a PerlTransHandler. I'd moved
Hi Torsten,
On 23 Mar 2011, at 15:02, Torsten Förtsch wrote:
>> Interestingly, adding a PerlMapToStorageHandler caused a segfault
>
> Does your code by chance return Apache2::Const::OK? If so, try to change it
> to
> DECLINED.
Actually, even the following causes a segfault:
$r->push_handlers
On Wednesday, March 23, 2011 15:26:48 Andrew Green wrote:
> Interestingly, adding a PerlMapToStorageHandler caused a segfault
Does your code by chance return Apache2::Const::OK? If so, try to change it to
DECLINED. A PerlMapToStorageHandler returning OK prevents the core map2storage
handler to be
Hi,
On 23 Mar 2011, at 13:42, Torsten Förtsch wrote:
>> I'm putting together a mp2 application where I'd like to trigger
>> authentication from within a PerlTransHandler, and not from httpd.conf.
>
> This won't work in a PerlTransHandler because between tran
On Wednesday, March 23, 2011 14:24:11 Andrew Green wrote:
> I'm putting together a mp2 application where I'd like to trigger
> authentication from within a PerlTransHandler, and not from httpd.conf.
>
> As I understand it, the following should work:
>
> -
&
Hi all,
I'm putting together a mp2 application where I'd like to trigger authentication
from within a PerlTransHandler, and not from httpd.conf.
As I understand it, the following should work:
-
use Apache2::RequestUtil ();
$r->add_config(['require valid-user'
Have you tried loading Apache::AuthDBI first? It looks confused about
where to find the sub you specified.
- Perrin
On Tue, Mar 22, 2011 at 11:37 AM, Michel Jansen
wrote:
>
> The Apache::AuthDBI package has changed Checkout the errors below!
>
> [Tue Mar 22 16:35:50 2011] [error] [client 19
Op 22-3-2011 18:59, Fred Moyer schreef:
What version are you using? I'll take a look at this later today if I
can find a spare tuit.
The lastest from cpan!
What version are you using? I'll take a look at this later today if I
can find a spare tuit.
On Tue, Mar 22, 2011 at 8:37 AM, Michel Jansen
wrote:
> The Apache::AuthDBI package has changed Checkout the errors below!
>
> [Tue Mar 22 16:35:50 2011] [error] [client 192.168.112.1] failed to reso
The Apache::AuthDBI package has changed Checkout the errors below!
[Tue Mar 22 16:35:50 2011] [error] [client 192.168.112.1] failed to
resolve handler `Apache::AuthDBI::authen': Can't locate
Apache/AuthDBI/authen.pm in @INC (@INC contains: /etc/perl
/usr/local/lib/perl/5.10.1 /usr/local/sh
Can you give us a hint as to what the errors are?
On 22 Mar 2011, at 15:10, Michel Jansen wrote:
> Hi There,
>
> I have some troubles with the http-authentication using apache2 in
> combination with postgresql. I used to do it with Apache::AuthenDBI
> configuring access.conf i
Hi There,
I have some troubles with the http-authentication using apache2 in
combination with postgresql. I used to do it with Apache::AuthenDBI
configuring access.conf in the following way:
---
AuthName MyDB
AuthType Basic
PerlAuthenHandler Apache::AuthDBI::authen
mod_perl list
> Sent: Sun, January 23, 2011 3:09:01 PM
> Subject: Re: Authentication and cookies
>
> Hi.
>
> This is a suggestion to solve what I understand of your problem, but
> slightly
>differently.
> (And I admit that it is because I do not know if you can do
t more complicated than that, because Web AAA is quite spaghetti-like
in terms of logic. But that, I suppose, you have already found out.
Dan Axtell wrote:
I'm trying to upgrade mod_perl authentication/authorization handlers for
application menu to be more fine-grained by using cookie
I'm trying to upgrade mod_perl authentication/authorization handlers for
application menu to be more fine-grained by using cookies. The basic idea is
- restrict a script alias in httpd.conf with basic authentication calling the
custon handlers
- validate the user ID/password i
>
> To do access control for static files while still using your mod_perl
> auth handler, take a look at mod_auth_tkt or perlbal.
>
Thanks!
On Mon, Mar 29, 2010 at 4:24 AM, Dan Axtell wrote:
> server on the back end. It seems like a lot of overhead to have mod_perl on
> the front end purely for authentication; I might as well keep the monolithic
> configuration I have now. Thanks for the input, though, it helps clarify
On Sun, Mar 28, 2010 at 3:41 PM, Dan Axtell wrote:
> What I don't understand is what to do about static directories that want to
> use the handlers via Directory directive, or via a local .htdocs file. Does
> any such directory need to be forwarded to the dynamic server in order to then
> call th
>
> It would be more logical to do the authentication on the front-end
> server. Then, if the back-end server needs the result of the
> authentication, you could add an appropriate HTTP header (with the
> user-id and maybe more stuff) to the request, before proxying it to the
&g
Dan Axtell wrote:
Hi,
I wrote some mod_perl handlers for authentication and authorization, basically
to set cookies and check user roles. I use them for both static and dynamic
content from Perl scripts.
I'm looking into splitting Apache into two servers, one optimized for static
co
Hi,
I wrote some mod_perl handlers for authentication and authorization, basically
to set cookies and check user roles. I use them for both static and dynamic
content from Perl scripts.
I'm looking into splitting Apache into two servers, one optimized for static
content and acting
goes to http://www.site.com/clientA
and is presented with a login screen which is triggered by an .htaccess
file in a directory called /clientA. The .htaccess file directs Apache
to perform DBI-based authentication using Apache2::AuthCookieDBI.
PerlSetVar AuthDBI_DSN DBI:mysql:clientA
This
The documentation alludes to the variable 'pwd_whereclause'. If this
variable is set it will be used in the passwd query. I would try and
set it per client so that the query gets an additional where clause:
SELECT pwd_field FROM pwd_table WHERE uid_field = user AND client = clientA
/clientA. The .htaccess file directs Apache
to perform DBI-based authentication using Apache::AuthDBI.
PerlSetVar Auth_DBI_data_source DBI:mysql:clientA
This works great, but I am aware of the limitations and I would like to
set up some rules in the Apache config that accomplish this all without
On Dec 18, 2008, at 3:31 PM, André Warnier wrote:
Bruce Johnson wrote:
I'm looking at the code at the modperl.com site <http://www.modperl.com/book/chapters/ch6.html
> ('Authenticating against a database') as I need to write an
authentication handler for our site.
Bruce Johnson wrote:
I'm looking at the code at the modperl.com site
<http://www.modperl.com/book/chapters/ch6.html> ('Authenticating against
a database') as I need to write an authentication handler for our site.
This is part of the sample code:
# file: Apache/GateKeep
I'm looking at the code at the modperl.com site <http://www.modperl.com/book/chapters/ch6.html
> ('Authenticating against a database') as I need to write an
authentication handler for our site.
This is part of the sample code:
# file: Apache/GateKeeper.pm
use strict;
use
for the next
> requests (I would write this last module in Perl)
>
>
> The indirect question (good luck ;))
>
> I am currently working on a project to develop a server hosting HTTP
> applications developed with different technologies and I am in charge of
> the session mana
kie generates a valid
> cookie
Sorry, but I haven't really understood what you are trying to achieve. I
assume you understand the difference between authentication and authorization
and how they work together. If not try to figure that out first.
1) Perhaps you want to replace a s
e the mod_auth_basic module (or mod_auth_digest or
> > mod_auth_ntlm) to authenticate a client for the first request,
> >. then create a session tracking module (based on cookies) for the
> > next requests (I would write this last module in Perl)
> >
> The cookie needs
cookies) for the
> next requests (I would write this last module in Perl)
>
The cookie needs to be setup upon authentication, so you have to use an
authentication module other than the basic authentication, which does
not set up a cookie.
>
> The indirect question (good luck ;))
>
currently working on a project to develop a server hosting HTTP
applications developed with different technologies and I am in charge of the
session management (authentication along with SSO) for the HTTP-based
applications.
Applications are developed in
. PHP
. Servlet
I can not modify these
On Sun, 18 Nov 2007 10:26:14 -0800 Dodger <[EMAIL PROTECTED]> wrote:
> Heya, I'd like to implement a custom authentication without
> authentication. Seeing as I don't see anything about what I want to do
> in the normal auth stuff, I figure I will need to do mod_perl.
>
Heya, I'd like to implement a custom authentication without
authentication. Seeing as I don't see anything about what I want to do
in the normal auth stuff, I figure I will need to do mod_perl.
I can get this all on my own if need be, but if someone else has
already invented this wheel
Bill Moseley wrote:
> On Sun, Sep 23, 2007 at 01:44:44AM -0700, Philippe M. Chiasson wrote:
>>
>>> If the concern is that someone might spoof an IP address then the
>>> shared secret seems adequate.
>> If the secret is ever compromised, you have to update every single
>> client/server out there. If
On Sun, Sep 23, 2007 at 01:44:44AM -0700, Philippe M. Chiasson wrote:
>
>
> > If the concern is that someone might spoof an IP address then the
> > shared secret seems adequate.
>
> If the secret is ever compromised, you have to update every single
> client/server out there. If a client cert is
Bill Moseley wrote:
> This isn't mod_perl related, but I'm hoping someone here has
> experience in this area and can provide some feedback.
> Recommendation of a better list for this question is also welcome.
>
> I have a mod_perl/SOAP::Lite server application where I need to
> authenticate the
This isn't mod_perl related, but I'm hoping someone here has
experience in this area and can provide some feedback.
Recommendation of a better list for this question is also welcome.
I have a mod_perl/SOAP::Lite server application where I need to
authenticate the connecting clients. The clients a
On 6/7/07, _spitFIRE <[EMAIL PROTECTED]> wrote:
How do I use IFRAME here?
If you Google for information on how to use IFRAMEs, I'm sure you'll
find better information than I can give you. The basic idea is that
it's a floating frame in part of your page where you put your login
form and show t
On Jun 7, 2007, at 12:23 PM, [EMAIL PROTECTED] wrote:
Look at the control flow of Apache AuthCookie module and let me
know if it can be done!
http://search.cpan.org/~mschout/Apache-AuthCookie-3.10/lib/Apache2/
AuthCookie.pm
The control flow shouldn't matter-- if its doing a redirect based o
e control flow of Apache AuthCookie module and let me know if it
can be done!
http://search.cpan.org/~mschout/Apache-AuthCookie-3.10/lib/Apache2/AuthCookie.pm
--
View this message in context:
http://www.nabble.com/asynchronous-perl-authentication%21--tf3860218.html#a11011410
Sent from the mod_per
On Jun 7, 2007, at 10:52 AM, _spitFIRE wrote:
Hi Adam,
You are perfectly right. However, I'm in dire need of a Ajax
style login.
Do you have any clue on how to go about implementing the sytem?
just do an xmlhttprequest to your auth script.
have it redirect to a page that prints 0 if the
w do I use IFRAME here? Can you give me some more info on that? Or at
least a sketch of the implementation? I'm sorry if I'm asking too much.
--
View this message in context:
http://www.nabble.com/asynchronous-perl-authentication%21--tf3860218.html#a11009532
Sent from the mod_perl - General mailing list archive at Nabble.com.
Hi Adam,
You are perfectly right. However, I'm in dire need of a Ajax style login.
Do you have any clue on how to go about implementing the sytem?
Adam Tistler wrote:
>
> Even if you use AJAX, the page will still refresh because the AuthCookie
> module's authentication me
On 6/6/07, Adam Tistler <[EMAIL PROTECTED]> wrote:
Even if you use AJAX, the page will still refresh because the AuthCookie
module's authentication method redirect's you back to the login page so that
the session cookie can be checked.
If it's your AJAX request get
Even if you use AJAX, the page will still refresh because the AuthCookie
module's authentication method redirect's you back to the login page so that
the session cookie can be checked. You might be able to get around that by
overloading the authentication method using a subrequest in
efreshing, because you're submitting a form and requesting a
new page in the main browser window. to keep the page from
refreshing, you want to handle that via xmlhttprequest or something
similar - where javascript or flash communicates with the server ,
handles the authentication, and popu
On 6/3/07, _spitFIRE <[EMAIL PROTECTED]> wrote:
I would basically like to stop the entire page getting
refreshed and have the normal ajax style login here; is that possible?
Not sure what you could consider "normal" here, but there's no reason
you can't use any of the popular JavaScript librari
_spitFIRE <[EMAIL PROTECTED]> writes:
> Hi All,
> I have written a simple perl module (using apache authcookie) for
> authenticating users. However, whenever the user types a wrong password,
> the entire page refreshes. Is it possible to do a ajax style authentication
> he
Hi All,
I have written a simple perl module (using apache authcookie) for
authenticating users. However, whenever the user types a wrong password,
the entire page refreshes. Is it possible to do a ajax style authentication
here??? I'm sorry if my understanding is seriously flawed (I
Scott Gifford <[EMAIL PROTECTED]> writes:
[...]
> The cause seems to be that when mod_perl gets an "Authorization"
> header in the request, it doesn't supply a "WWW-Authenticate" header
> in the response.
Nevermind, found it, the solution was to call:
$r->note_basic_auth_failure();
Sco
Hello,
I'm having trouble with PerlAuthenHandler.
The symptom is that in a browser (Firefox at least), I'm prompted for
a password the first time I visit a page. If I enter it incorrectly,
I'm not prompted again, but instead just see the error page.
The cause seems to be that when mod_perl gets
1 - 100 of 208 matches
Mail list logo