Unable to get PerlAuthenHandler to work in mp2

Hey all

I'm trying to get PerlAuthenHandler to work but when I go to a URL that
I've set it up on, it asks for a username and password and then lets me
in no matter what I type.

My entry in Apache's .conf file is:

------------------------------------------------------------ ------------
PerlModule TVSpecial::Admin;

SetHandler perl-script
PerlResponseHandler TVSpecial::Admin
PerlAuthenHandler TVSpecial::Auth
AuthType Basic
AuthName "Television Special Resources"
Require valid-user

------------------------------------------------------------ ------------

Then the TVSpecial::Auth module contains:

------------------------------------------------------------ ------------
package TVSpecial::Auth;
use strict;

use Apache2::Access ();
use Apache2::RequestUtil ();
use Apache2::Const -compile => qw(OK DECLINED HTTP_UNAUTHORIZED);

use DBI;

sub handler {
my $r = shift;
Apache2::RequestUtil->request($r);
my ($status,$pw) = $r->get_basic_auth_pw;
return $status if $status != Apache2::Const::OK;
my $dbh = DBI->connect(undef,undef,undef,{RaiseError => 1, PrintError => 1}) or die("Cannot connect to DB");
return Apache2::Const::OK if ($dbh->selectrow_array("SELECT userid FROM users WHERE username=? AND password=?",undef,$r->user,$pw))[0];
$r->note_basic_auth_failure;
return Apache2::Const::HTTP_UNAUTHORIZED;
}

1;
------------------------------------------------------------ ------------

Can anyone see a reason why no matter what username/password I put in,
it authenticates them successfully? BTW I've set DBI_DSN, DBI_USER and
DBI_PASS in the .conf file as well, and my PerlResponseHandler works
fine with the same DBI->connect statement, so I can't see that being a
problem.

Thanks in advance
--
Brett Randall
Support & Development Manager
Technology Services
Hillsong Church
02 8846 4800

____________________________________________________________ ____________
The material contained in this email may be confidential, and may also
be the subject of copyright and/or privileged information. If you are
not the intended recipient, any use, disclosure or copying of this
document is prohibited. If you have received this document in error,
please advise the sender and delete the document.

This email communication does not create or vary any contractual
relationship between Hillsong and you. Internet communications are not
secure and accordingly Hillsong does not accept any legal liability
for the contents of this message.

Please note that neither Hillsong nor the sender accepts any
responsibility for viruses and it is your responsibility to scan the
email and any attachments.

Hillsong
www.hillsong.com

____________________________________________________________ ____________

Re: Unable to get PerlAuthenHandler to work in mp2

On Wed, Aug 20, 2008 at 3:03 AM, Brett Randall wrote:
> I'm trying to get PerlAuthenHandler to work but when I go to a URL that
> I've set it up on, it asks for a username and password and then lets me
> in no matter what I type.

Have you debugged this code to figure out which line it returns on?

- Perrin

Re: Unable to get PerlAuthenHandler to work in mp2

>>>>> "Perrin" == Perrin Harkins writes:

> On Wed, Aug 20, 2008 at 3:03 AM, Brett Randall wrote:
>> I'm trying to get PerlAuthenHandler to work but when I go to a URL
>> that I've set it up on, it asks for a username and password and then
>> lets me in no matter what I type.

> Have you debugged this code to figure out which line it returns on?

I was wondering about debugging... I'll probably do the good old open a
file, write to it after each line, and see where it stops writing - but
for future reference, is there a better way to debug PerlAuthenHandlers?
--
Brett Randall
Support & Development Manager
Technology Services
Hillsong Church
02 8846 4800

____________________________________________________________ ____________
The material contained in this email may be confidential, and may also
be the subject of copyright and/or privileged information. If you are
not the intended recipient, any use, disclosure or copying of this
document is prohibited. If you have received this document in error,
please advise the sender and delete the document.

This email communication does not create or vary any contractual
relationship between Hillsong and you. Internet communications are not
secure and accordingly Hillsong does not accept any legal liability
for the contents of this message.

Please note that neither Hillsong nor the sender accepts any
responsibility for viruses and it is your responsibility to scan the
email and any attachments.

Hillsong
www.hillsong.com

____________________________________________________________ ____________

Re: Unable to get PerlAuthenHandler to work in mp2

On Wed, Aug 20, 2008 at 5:42 PM, Brett Randall wrote:
> I was wondering about debugging... I'll probably do the good old open a
> file, write to it after each line, and see where it stops writing

No need to open a file. Anything you print to STDERR goes to apache's
error_log, so just use warn() statements.

For more serious stuff, use the debugger:
http://perl.apache.org/docs/1.0/guide/debug.html

- Perrin

Re: Unable to get PerlAuthenHandler to work in mp2

--- On Wed, 8/20/08, Brett Randall wrote:

> From: Brett Randall
> Subject: Re: Unable to get PerlAuthenHandler to work in mp2
> To: "Perrin Harkins"
> Cc: modperl@perl.apache.org
> Date: Wednesday, August 20, 2008, 3:42 PM
> >>>>> "Perrin" == Perrin Harkins
> writes:
>
> > On Wed, Aug 20, 2008 at 3:03 AM, Brett Randall
> wrote:
> >> I'm trying to get PerlAuthenHandler to work
> but when I go to a URL
> >> that I've set it up on, it asks for a username
> and password and then
> >> lets me in no matter what I type.
>
> > Have you debugged this code to figure out which line
> it returns on?
>
> I was wondering about debugging... I'll probably do the
> good old open a
> file, write to it after each line, and see where it stops
> writing - but
> for future reference, is there a better way to debug
> PerlAuthenHandlers?


Try adding "warn $msg" statements (instead of printing to a file).

Perl's "warn" function prints to STDERR, which is usually appended to the web server's errors log. To read the errors as they are printed, do the following (provided you have shell access on your server, and it's running on some kind of Unix/Linux system):

tail -f /var/log/httpd/error_log
(where /var/log/httpd/error_log is the path to your error log).

Regards,
John Drago

Re: Unable to get PerlAuthenHandler to work in mp2

>>>>> "Perrin" == Perrin Harkins writes:

> On Wed, Aug 20, 2008 at 5:42 PM, Brett Randall wrote:
>> I was wondering about debugging... I'll probably do the good old open
>> a file, write to it after each line, and see where it stops writing

> No need to open a file. Anything you print to STDERR goes to apache's
> error_log, so just use warn() statements.

Thanks for that. I've figured out the problem now with the help of
warn. It was bombing out at DBI->connect() because I was using "SetEnv"
in Apache's .conf file instead of "PerlSetEnv" to set my DBI
variables. Apparently in a PerlResponseHandler, it has access to these
variables, but a PerlAuthenHandler doesn't, so I've just changed those
three lines and it works a treat now.

Thanks for your help!
--
Brett Randall
Support & Development Manager
Technology Services
Hillsong Church
02 8846 4800

____________________________________________________________ ____________
The material contained in this email may be confidential, and may also
be the subject of copyright and/or privileged information. If you are
not the intended recipient, any use, disclosure or copying of this
document is prohibited. If you have received this document in error,
please advise the sender and delete the document.

This email communication does not create or vary any contractual
relationship between Hillsong and you. Internet communications are not
secure and accordingly Hillsong does not accept any legal liability
for the contents of this message.

Please note that neither Hillsong nor the sender accepts any
responsibility for viruses and it is your responsibility to scan the
email and any attachments.

Hillsong
www.hillsong.com

____________________________________________________________ ____________

Re: Unable to get PerlAuthenHandler to work in mp2

>
> Try adding "warn $msg" statements (instead of printing to a file).
>
> Perl's "warn" function prints to STDERR, which is usually appended to the web server's errors log. To read the errors as they are printed, do the following (provided you have shell access on your server, and it's running on some kind of Unix/Linux system):
>
> tail -f /var/log/httpd/error_log

Apache's log entries are escaped, so it makes it difficult to read
multi-line output (eg) Data::Dumper output.

You can make them more readable with:

tail -f /var/log/httpd/error_log | perl -pe 's/\\n/\n/g'

clint

Re: Unable to get PerlAuthenHandler to work in mp2

Clinton Gormley wrote:
>> Try adding "warn $msg" statements (instead of printing to a file).
>>
>> Perl's "warn" function prints to STDERR, which is usually appended to the web server's errors log. To read the errors as they are printed, do the following (provided you have shell access on your server, and it's running on some kind of Unix/Linux system):
>>
>> tail -f /var/log/httpd/error_log
>
> Apache's log entries are escaped, so it makes it difficult to read
> multi-line output (eg) Data::Dumper output.
>
> You can make them more readable with:
>
> tail -f /var/log/httpd/error_log | perl -pe 's/\\n/\n/g'

**** WARNING NOT FOR PRODUCTION *****
**** WARNING NOT FOR PRODUCTION *****
**** WARNING NOT FOR PRODUCTION *****
**** WARNING NOT FOR PRODUCTION *****
**** WARNING NOT FOR PRODUCTION *****

compile httpd with
-DAP_UNSAFE_ERROR_LOG_UNESCAPED'


--
------------------------------------------------------------ ------------
Philip M. Gollucci (philip@ridecharge.com)
o:703.549.2050x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.