Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Catalyst: Users

Engine::(Fast)CGI and Basic Auth in Apache 2

 

 

Catalyst users RSS feed   Index | Next | Previous | View Threaded


himself at tomott

Feb 29, 2008, 2:54 AM

Post #1 of 1 (407 views)
Permalink
Engine::(Fast)CGI and Basic Auth in Apache 2

Hello,

I try to use Authentication::Credential::HTTP to write an application
that should run inside an Apache 2 controlled Basic Authentication
protected environment.

Authentication is done twice, first inside the Apache 2 environment
and also later in the FastCGI Catalyst app Authentication /
Authorization Plugin that pulls out user, role, etc. automagically
which is quite convenient.

Basically the demand of our customer is, that every application has to
go through the main basic authentication Apache 2 procedure first ....


I noticed the following, maybe someone on the list has a workaround:
--------------------------------------------------------------------

(1) Apache 2 seems to return a 'Authorization' header, which is
unfortunately not copied by Engine::CGI in prepare_headers()
since it not =~ /^(?:HTTP|CONTENT|COOKIE)/i;

(2) The FastCGI engine uses the above as base and therefore has
the same problem

(3) Authentication::Credential::HTTP does not work correctly
since the required header never arrives :-(


Besides that:
-------------

The following must be given to FastCgiExternalServer directive to
make the header be propagated from the FastCGI module:

-pass-header Authorization (Apache 2)
-pass-header HTTP_AUTHORIZATION (Apache 1)

Maybe someone could add a line in the Catalyst::Manual Cookbook
FastCGI section?

Thanks in advance
-Thomas
Attachments: smime.p7s (3.20 KB)

Catalyst users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.