Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Users

FcgidAccessChecker usage

 

 

Apache users RSS feed   Index | Next | Previous | View Threaded


jrogers at socialserve

Jul 27, 2012, 2:18 PM

Post #1 of 1 (200 views)
Permalink
FcgidAccessChecker usage

I'm trying to determine the correct way to use the FcgidAccessChecker
directive. Unfortunately, the documentation is very sparse in this area.
I've been assuming that it should conform to the Fast CGI Specification
section "6.3 Authorizer".
<URL:http://www.fastcgi.com/drupal/node/6?q=node/22#S6.3>

I have succeeded in getting mod_fcgid to recognize a successful access
check by returning a "Status: 200 OK" line and no other header lines.
However, it's not at all clear from the mod_fcgid how an application can
cause something different to happen when access is denied.

Section 6.3 of the specification says, 'For Authorizer response status
values other than "200" (OK), the Web server denies access and sends the
response status, headers, and content back to the HTTP client.' My
understanding is that the authorizer application should be able to
return any response in exactly the same way that a normal responder
application would and if the response code is not 200, Apache will send
that entire response to the client. This would allow the application to
display an error page or redirect the client to an authentication page.

However, this is definitely not what mod_fcgid is doing. If the
application returns "Status: 400 Bad Request" and nothing else, Apache
sends a response starting with "HTTP/1.1 401 Authorization Required" and
the body is a generic error document that Apache must have generated
internally.

While mod_fcgid seems to ignore everything in the authorizer's response
apart from response code when that code is not 200, when it is 200,
mod_fcgid uses a "Location" header line in subsequent processing. Is
this the only mechanism to control what happens on an access check failure?


--
Jonathan Ross Rogers


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd

Apache users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.