Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Catalyst: Users

Engine::(Fast)CGI and Basic Auth in Apache 2



Catalyst users RSS feed   Index | Next | Previous | View Threaded

himself at tomott

Feb 29, 2008, 2:54 AM

Post #1 of 1 (467 views)
Engine::(Fast)CGI and Basic Auth in Apache 2


I try to use Authentication::Credential::HTTP to write an application
that should run inside an Apache 2 controlled Basic Authentication
protected environment.

Authentication is done twice, first inside the Apache 2 environment
and also later in the FastCGI Catalyst app Authentication /
Authorization Plugin that pulls out user, role, etc. automagically
which is quite convenient.

Basically the demand of our customer is, that every application has to
go through the main basic authentication Apache 2 procedure first ....

I noticed the following, maybe someone on the list has a workaround:

(1) Apache 2 seems to return a 'Authorization' header, which is
unfortunately not copied by Engine::CGI in prepare_headers()
since it not =~ /^(?:HTTP|CONTENT|COOKIE)/i;

(2) The FastCGI engine uses the above as base and therefore has
the same problem

(3) Authentication::Credential::HTTP does not work correctly
since the required header never arrives :-(

Besides that:

The following must be given to FastCgiExternalServer directive to
make the header be propagated from the FastCGI module:

-pass-header Authorization (Apache 2)
-pass-header HTTP_AUTHORIZATION (Apache 1)

Maybe someone could add a line in the Catalyst::Manual Cookbook
FastCGI section?

Thanks in advance
Attachments: smime.p7s (3.20 KB)

Catalyst users RSS feed   Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.