[mp2] php response handler clears authenticated user in mod_perl
[mp2] php response handler clears authenticated user in mod_perl
am 04.01.2011 14:57:32 von Peter Albrecht
Hello everyone,
1. Problem Description:
Using PHP as response handler seems to clear the authenticated user ("$r->user()") in successive mod_perl handlers.
*** Reproduce:
1.1. Install attached simple Apache2 server setup (see "4. Source-snippets")
1.2. PHP response handler
1.2.1. Ensure the following lines of "/etc/apache2/vhosts/bug.conf" are commented out:
# SetHandler modperl
# PerlResponseHandler MyApache2::MyResponseHandler
=> PHP response handler will be in action
1.2.2. visit http:///index.php with your browser
1.2.3. error.log tells us:
[Tue Jan 04 11:29:03 2011] [info] [client 90.148.54.54] Start Authentication
[Tue Jan 04 11:29:03 2011] [info] [client 90.148.54.54] Session started for user: 'JonDoe'
[Tue Jan 04 11:29:03 2011] [error] [client 90.148.54.54] OutputFilter: user = "" <-- failure! Should be 'JonDoe'
1.3. mod_perl response handler
1.3.1. Enable the following lines of "/etc/apache2/vhosts/bug.conf":
SetHandler modperl
PerlResponseHandler MyApache2::MyResponseHandler
=> mod_perl response handler (MyResponseHandler.pm) will be in action
1.3.2. visit http:///index.php with your browser
1.3.3. error.log tells us:
[Tue Jan 04 11:30:28 2011] [info] [client 90.148.54.54] Start Authentication
[Tue Jan 04 11:30:28 2011] [info] [client 90.148.54.54] Session started for user: 'JonDoe'
[Tue Jan 04 11:30:28 2011] [error] [client 90.148.54.54] OutputFilter: user = "JonDoe" <-- correct behaviour!
*** Actual result:
Both ResponseHandlers know the authenticated user (see browser output). But in case of the PHP response handler, "$r->user()" seems to be resetted for futher mod_perl handlers (like MyOutputFilter). Using a mod_perl response handler, I always get the correct authenticated user via "$r->user()" in succesive handlers.
*** Expected result:
After PHP response handler "$r->user()" should provide the authenticated user for use in succesive mod_perl handlers like OutputFilter or LogHandler.
*** Workaround:
In your AuthenticationHandler make a backup of the user in an user defined Apache note:
$r->notes->set('myAuthenUser', $r->user());
and use that one in later handlers:
my $user = $r->notes->get('myAuthenUser');
2. Used Components and their Configuration:
*** mod_perl version 2.000004
*** using /usr/lib/perl5/vendor_perl/5.10.0/i586-linux-thread-multi/Ap ache2/BuildConfig.pm
*** Makefile.PL options:
MP_APR_LIB => aprext
MP_APXS => /usr/sbin/apxs2
MP_CCOPTS => -march=i586 -mtune=i686 -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -fPIC -Wall -fno-strict-aliasing -DLDAP_DEPRECATED
MP_COMPAT_1X => 1
MP_GENERATE_XS => 1
MP_LIBNAME => mod_perl
MP_USE_DSO => 1
*** The httpd binary was not found
.. but "httpd2 -V" tells:
Server version: Apache/2.2.10 (Linux/SUSE)
Server built: Feb 23 2009 21:11:31
Server's Module Magic Number: 20051115:18
Server loaded: APR 1.3.3, APR-Util 1.3.4
Compiled using: APR 1.3.3, APR-Util 1.3.4
Architecture: 32-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/srv/www"
-D SUEXEC_BIN="/usr/sbin/suexec2"
-D DEFAULT_PIDLOG="/var/run/httpd2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/accept.lock"
-D DEFAULT_ERRORLOG="/var/log/apache2/error_log"
-D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
-D SERVER_CONFIG_FILE="/etc/apache2/httpd.conf"
*** (apr|apu)-config linking info
(apr|apu)-config scripts were not found
*** /usr/bin/perl -V
Summary of my perl5 (revision 5 version 10 subversion 0) configuration:
Platform:
osname=linux, osvers=2.6.27, archname=i586-linux-thread-multi
uname='linux eisler 2.6.27 #1 smp 2009-02-09 15:38:31 +0100 i686 athlon i386 gnulinux '
config_args='-ds -e -Dprefix=/usr -Dvendorprefix=/usr -Dinstallusrbinperl -Dusethreads -Di_db -Di_dbm -Di_ndbm -Di_gdbm -Duseshrplib=true -Doptimize=-march=i586 -mtune=i686 -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe -Accflags=-DPERL_USE_SAFE_PUTENV'
hint=recommended, useposix=true, d_sigaction=define
useithreads=define, usemultiplicity=define
useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
use64bitint=undef, use64bitall=undef, uselongdouble=undef
usemymalloc=n, bincompat5005=undef
Compiler:
cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DPERL_USE_SAFE_PUTENV -DDEBUGGING -fno-strict-aliasing -pipe -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
optimize='-march=i586 -mtune=i686 -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe',
cppflags='-D_REENTRANT -D_GNU_SOURCE -DPERL_USE_SAFE_PUTENV -DDEBUGGING -fno-strict-aliasing -pipe'
ccversion='', gccversion='4.3.2 [gcc-4_3-branch revision 141291]', gccosandvers=''
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
alignbytes=4, prototype=define
Linker and Libraries:
ld='cc', ldflags =''
libpth=/lib /usr/lib /usr/local/lib
libs=-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
perllibs=-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
libc=/lib/libc-2.9.so, so=so, useshrplib=true, libperl=libperl.so
gnulibc_version='2.9'
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/usr/lib/perl5/5.10.0/i586-linux-thread-multi/COR E'
cccdlflags='-fPIC', lddlflags='-shared -march=i586 -mtune=i686 -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -Wall -pipe'
Characteristics of this binary (from libperl):
Compile-time options: DEBUGGING MULTIPLICITY PERL_DONT_CREATE_GVSV
PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP
PERL_TRACK_MEMPOOL PERL_USE_SAFE_PUTENV USE_ITHREADS
USE_LARGE_FILES USE_PERLIO USE_REENTRANT_API
Built under linux
Compiled at Feb 21 2009 07:14:55
%ENV:
PERL_LWP_USE_HTTP_10="1"
@INC:
/usr/lib/perl5/5.10.0/i586-linux-thread-multi
/usr/lib/perl5/5.10.0
/usr/lib/perl5/site_perl/5.10.0/i586-linux-thread-multi
/usr/lib/perl5/site_perl/5.10.0
/usr/lib/perl5/vendor_perl/5.10.0/i586-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.10.0
/usr/lib/perl5/vendor_perl
.
*** Packages of interest status:
Apache2 : -
Apache2::Request : -
CGI : 3.29
ExtUtils::MakeMaker: 6.42
LWP : 5.816
mod_perl : -
mod_perl2 : 2.000004
3. This is the core dump trace: (if you get a core dump):
got no core dump
This report was generated by /usr/bin/mp2bug on Wed Dec 22 06:49:14 2010 GMT.
*** Other environment information (manual addition)
Linux: SuSE Linux Enterprise Server 11, PL0
rpm -qa | grep php:
apache2-mod_php5-5.2.6-50.17
php5-5.2.6-50.17
php5-zlib-5.2.6-50.17
php5-iconv-5.2.6-50.17
php5-xmlreader-5.2.6-50.17
php5-pear-log-1.9.11-24.28
php5-mcrypt-5.2.6-50.17
php5-tokenizer-5.2.6-50.17
php5-mbstring-5.2.6-50.17
php5-gd-5.2.6-50.17
php5-odbc-5.2.6-50.17
php5-ncurses-5.2.6-50.17
php5-sqlite-5.2.6-50.17
php5-curl-5.2.6-50.17
php5-pdo-5.2.6-50.17
php5-json-5.2.6-50.17
php5-dom-5.2.6-50.17
php5-mysql-5.2.6-50.17
php5-pear-5.2.12-5.1
php5-devel-5.2.6-50.17
php5-openssl-5.2.6-50.17
php5-ctype-5.2.6-50.17
php5-ldap-5.2.6-50.17
php5-xmlwriter-5.2.6-50.17
php5-hash-5.2.6-50.17
php5-APC-3.1.3-1.1
rpm -qa | grep apache2:
apache2-utils-2.2.10-2.18
apache2-2.2.10-2.18
apache2-example-pages-2.2.10-2.18
apache2-mod_php5-5.2.6-50.17
apache2-mod_auth_kerb-5.4-7.1
apache2-prefork-2.2.10-2.18
apache2-worker-2.2.10-2.18
apache2-doc-2.2.10-2.18
apache2-mod_python-3.3.1-147.19
apache2-mod_jk-1.2.26-1.29
apache2-mod_perl-2.0.4-40.19
4. Source-snippets:
*** ./htdocs/index.php
print("Hello world! From php (REMOTE_USER: \"" . $_SERVER['REMOTE_USER'] . "\")");
?>
*** ./mp2/MyApache2/MyAuthenHandler.pm
[...]
sub handler {
my $r = shift;
my $logger = $r->log;
$logger->info('Start Authentication');
$r->ap_auth_type('Session');
$r->user('JonDoe');
$logger->info("Session started for user: '" . $r->user() . "'");
return Apache2::Const::OK;
}
[...]
*** ./mp2/MyApache2/MyResponseHandler.pm
[...]
sub handler {
my $r = shift;
$r->print("Hello world! From mod_perl (Request-User: \"" . $r->user() . "\")");
return Apache2::Const::OK;
}
[...]
*** ./mp2/MyApache2/MyOutputFilter.pm
[...]
use base qw(Apache2::Filter);
sub handler : FilterRequestHandler {
my $f = shift;
my $r = $f->r;
my $logger = $r->log;
$logger->error("OutputFilter: user = \"" . $r->user() . "\"");
return Apache2::Const::DECLINED;
}
[...]
*** /etc/apache2/vhosts/bug.conf
[...]
php_value include_path ".:/usr/share/php5:/usr/share/php5/PEAR"
use lib qw#/srv/www/bug/mp2#;
AddType text/html .php
PerlAuthenHandler MyApache2::MyAuthenHandler
PerlOutputFilterHandler MyApache2::MyOutputFilter
Allow from all
AuthType MyAuthType
AuthName "Secret Area"
require valid-user
# SetHandler modperl
# PerlResponseHandler MyApache2::MyResponseHandler
--
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de
Re: [mp2] php response handler clears authenticated user in mod_perl
am 04.01.2011 15:03:58 von Adam Prime
This is a bug in mod_php not mod_perl isn't it?
Adam
Re: [mp2] php response handler clears authenticated user in
am 04.01.2011 16:42:33 von fakessh
--=-VKLDMgSyzyvYEJ0w77q9
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
the perl core is early buggy
some misunderstand in the regex
some valuable { is again ....
my personnal experience with the mod perl user is crach with the webmail
if Jaos @
Le mardi 04 janvier 2011 à 14:57 +0100, Peter Albrecht a écrit :
> Hello everyone,
>=20
> 1. Problem Description:
>=20
> Using PHP as response handler seems to clear the authenticated user ("$=
r->user()") in successive mod_perl handlers.
>=20
> =20
> *** Reproduce:
>=20
> 1.1. Install attached simple Apache2 server setup (see "4. Source-snipp=
ets")
> =20
> 1.2. PHP response handler
>=20
> 1.2.1. Ensure the following lines of "/etc/apache2/vhosts/bug.conf" are=
commented out:
>=20
> # SetHandler modperl
> # PerlResponseHandler MyApache2::MyResponseHandler
>=20
> =3D> PHP response handler will be in action
>=20
> 1.2.2. visit http:///index.php with your browser
> =20
> 1.2.3. error.log tells us:
> [Tue Jan 04 11:29:03 2011] [info] [client 90.148.54.54] Start Authe=
ntication
> [Tue Jan 04 11:29:03 2011] [info] [client 90.148.54.54] Session sta=
rted for user: 'JonDoe'
> [Tue Jan 04 11:29:03 2011] [error] [client 90.148.54.54] OutputFilt=
er: user =3D "" <-- failure! Should be 'JonDoe'
>=20
> 1.3. mod_perl response handler
> =20
> 1.3.1. Enable the following lines of "/etc/apache2/vhosts/bug.conf":
>=20
> SetHandler modperl
> PerlResponseHandler MyApache2::MyResponseHandler
>=20
> =3D> mod_perl response handler (MyResponseHandler.pm) will be in acti=
on
>=20
> 1.3.2. visit http:///index.php with your browser
> =20
> 1.3.3. error.log tells us:
> [Tue Jan 04 11:30:28 2011] [info] [client 90.148.54.54] Start Authe=
ntication
> [Tue Jan 04 11:30:28 2011] [info] [client 90.148.54.54] Session sta=
rted for user: 'JonDoe'
> [Tue Jan 04 11:30:28 2011] [error] [client 90.148.54.54] OutputFilt=
er: user =3D "JonDoe" <-- correct behaviour!
>=20
>=20
>=20
> *** Actual result:
>=20
> Both ResponseHandlers know the authenticated user (see browser output).=
But in case of the PHP response handler, "$r->user()" seems to be resetted=
for futher mod_perl handlers (like MyOutputFilter). Using a mod_perl respo=
nse handler, I always get the correct authenticated user via "$r->user()" i=
n succesive handlers.
>=20
>=20
> *** Expected result:
>=20
> After PHP response handler "$r->user()" should provide the authenticate=
d user for use in succesive mod_perl handlers like OutputFilter or LogHandl=
er.
>=20
>=20
> *** Workaround:
>=20
> In your AuthenticationHandler make a backup of the user in an user defi=
ned Apache note:
> =20
> $r->notes->set('myAuthenUser', $r->user());=20
>=20
> and use that one in later handlers:
> =20
> my $user =3D $r->notes->get('myAuthenUser');
> =20
>=20
> 2. Used Components and their Configuration:
>=20
> *** mod_perl version 2.000004
>=20
> *** using /usr/lib/perl5/vendor_perl/5.10.0/i586-linux-thread-multi/Ap ach=
e2/BuildConfig.pm
>=20
> *** Makefile.PL options:
> MP_APR_LIB =3D> aprext
> MP_APXS =3D> /usr/sbin/apxs2
> MP_CCOPTS =3D> -march=3Di586 -mtune=3Di686 -fmessage-length=3D0 -O=
2 -Wall -D_FORTIFY_SOURCE=3D2 -fstack-protector -funwind-tables -fasynchron=
ous-unwind-tables -g -fPIC -Wall -fno-strict-aliasing -DLDAP_DEPRECATED
> MP_COMPAT_1X =3D> 1
> MP_GENERATE_XS =3D> 1
> MP_LIBNAME =3D> mod_perl
> MP_USE_DSO =3D> 1
>=20
>=20
> *** The httpd binary was not found
>=20
> .. but "httpd2 -V" tells:
> =20
> Server version: Apache/2.2.10 (Linux/SUSE)
> Server built: Feb 23 2009 21:11:31
> Server's Module Magic Number: 20051115:18
> Server loaded: APR 1.3.3, APR-Util 1.3.4
> Compiled using: APR 1.3.3, APR-Util 1.3.4
> Architecture: 32-bit
> Server MPM: Prefork
> threaded: no
> forked: yes (variable process count)
> Server compiled with....
> -D APACHE_MPM_DIR=3D"server/mpm/prefork"
> -D APR_HAS_SENDFILE
> -D APR_HAS_MMAP
> -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
> -D APR_USE_SYSVSEM_SERIALIZE
> -D APR_USE_PTHREAD_SERIALIZE
> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
> -D APR_HAS_OTHER_CHILD
> -D AP_HAVE_RELIABLE_PIPED_LOGS
> -D DYNAMIC_MODULE_LIMIT=3D128
> -D HTTPD_ROOT=3D"/srv/www"
> -D SUEXEC_BIN=3D"/usr/sbin/suexec2"
> -D DEFAULT_PIDLOG=3D"/var/run/httpd2.pid"
> -D DEFAULT_SCOREBOARD=3D"logs/apache_runtime_status"
> -D DEFAULT_LOCKFILE=3D"/var/run/accept.lock"
> -D DEFAULT_ERRORLOG=3D"/var/log/apache2/error_log"
> -D AP_TYPES_CONFIG_FILE=3D"/etc/apache2/mime.types"
> -D SERVER_CONFIG_FILE=3D"/etc/apache2/httpd.conf"
>=20
>=20
> *** (apr|apu)-config linking info
>=20
> (apr|apu)-config scripts were not found
>=20
>=20
>=20
> *** /usr/bin/perl -V
> Summary of my perl5 (revision 5 version 10 subversion 0) configuration:
> Platform:
> osname=3Dlinux, osvers=3D2.6.27, archname=3Di586-linux-thread-multi
> uname=3D'linux eisler 2.6.27 #1 smp 2009-02-09 15:38:31 +0100 i686 at=
hlon i386 gnulinux '
> config_args=3D'-ds -e -Dprefix=3D/usr -Dvendorprefix=3D/usr -Dinstall=
usrbinperl -Dusethreads -Di_db -Di_dbm -Di_ndbm -Di_gdbm -Duseshrplib=3Dtru=
e -Doptimize=3D-march=3Di586 -mtune=3Di686 -fmessage-length=3D0 -O2 -Wall -=
D_FORTIFY_SOURCE=3D2 -fstack-protector -funwind-tables -fasynchronous-unwin=
d-tables -g -Wall -pipe -Accflags=3D-DPERL_USE_SAFE_PUTENV'
> hint=3Drecommended, useposix=3Dtrue, d_sigaction=3Ddefine
> useithreads=3Ddefine, usemultiplicity=3Ddefine
> useperlio=3Ddefine, d_sfio=3Dundef, uselargefiles=3Ddefine, usesocks=
=3Dundef
> use64bitint=3Dundef, use64bitall=3Dundef, uselongdouble=3Dundef
> usemymalloc=3Dn, bincompat5005=3Dundef
> Compiler:
> cc=3D'cc', ccflags =3D'-D_REENTRANT -D_GNU_SOURCE -DPERL_USE_SAFE_PUT=
ENV -DDEBUGGING -fno-strict-aliasing -pipe -D_LARGEFILE_SOURCE -D_FILE_OFFS=
ET_BITS=3D64',
> optimize=3D'-march=3Di586 -mtune=3Di686 -fmessage-length=3D0 -O2 -Wal=
l -D_FORTIFY_SOURCE=3D2 -fstack-protector -funwind-tables -fasynchronous-un=
wind-tables -g -Wall -pipe',
> cppflags=3D'-D_REENTRANT -D_GNU_SOURCE -DPERL_USE_SAFE_PUTENV -DDEBUG=
GING -fno-strict-aliasing -pipe'
> ccversion=3D'', gccversion=3D'4.3.2 [gcc-4_3-branch revision 141291]'=
, gccosandvers=3D''
> intsize=3D4, longsize=3D4, ptrsize=3D4, doublesize=3D8, byteorder=3D1=
234
> d_longlong=3Ddefine, longlongsize=3D8, d_longdbl=3Ddefine, longdblsiz=
e=3D12
> ivtype=3D'long', ivsize=3D4, nvtype=3D'double', nvsize=3D8, Off_t=3D'=
off_t', lseeksize=3D8
> alignbytes=3D4, prototype=3Ddefine
> Linker and Libraries:
> ld=3D'cc', ldflags =3D''
> libpth=3D/lib /usr/lib /usr/local/lib
> libs=3D-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
> perllibs=3D-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
> libc=3D/lib/libc-2.9.so, so=3Dso, useshrplib=3Dtrue, libperl=3Dlibper=
l.so
> gnulibc_version=3D'2.9'
> Dynamic Linking:
> dlsrc=3Ddl_dlopen.xs, dlext=3Dso, d_dlsymun=3Dundef, ccdlflags=3D'-Wl=
,-E -Wl,-rpath,/usr/lib/perl5/5.10.0/i586-linux-thread-multi/COR E'
> cccdlflags=3D'-fPIC', lddlflags=3D'-shared -march=3Di586 -mtune=3Di68=
6 -fmessage-length=3D0 -O2 -Wall -D_FORTIFY_SOURCE=3D2 -fstack-protector -f=
unwind-tables -fasynchronous-unwind-tables -g -Wall -pipe'
>=20
>=20
> Characteristics of this binary (from libperl):
> Compile-time options: DEBUGGING MULTIPLICITY PERL_DONT_CREATE_GVSV
> PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP
> PERL_TRACK_MEMPOOL PERL_USE_SAFE_PUTENV USE_ITHRE=
ADS
> USE_LARGE_FILES USE_PERLIO USE_REENTRANT_API
> Built under linux
> Compiled at Feb 21 2009 07:14:55
> %ENV:
> PERL_LWP_USE_HTTP_10=3D"1"
> @INC:
> /usr/lib/perl5/5.10.0/i586-linux-thread-multi
> /usr/lib/perl5/5.10.0
> /usr/lib/perl5/site_perl/5.10.0/i586-linux-thread-multi
> /usr/lib/perl5/site_perl/5.10.0
> /usr/lib/perl5/vendor_perl/5.10.0/i586-linux-thread-multi
> /usr/lib/perl5/vendor_perl/5.10.0
> /usr/lib/perl5/vendor_perl
> .
>=20
> *** Packages of interest status:
>=20
> Apache2 : -
> Apache2::Request : -
> CGI : 3.29
> ExtUtils::MakeMaker: 6.42
> LWP : 5.816
> mod_perl : -
> mod_perl2 : 2.000004
>=20
>=20
> 3. This is the core dump trace: (if you get a core dump):
>=20
> got no core dump
>=20
> This report was generated by /usr/bin/mp2bug on Wed Dec 22 06:49:14 2010 =
GMT.
>=20
> *** Other environment information (manual addition)
>=20
> Linux: SuSE Linux Enterprise Server 11, PL0
>=20
> rpm -qa | grep php:
> apache2-mod_php5-5.2.6-50.17
> php5-5.2.6-50.17
> php5-zlib-5.2.6-50.17
> php5-iconv-5.2.6-50.17
> php5-xmlreader-5.2.6-50.17
> php5-pear-log-1.9.11-24.28
> php5-mcrypt-5.2.6-50.17
> php5-tokenizer-5.2.6-50.17
> php5-mbstring-5.2.6-50.17
> php5-gd-5.2.6-50.17
> php5-odbc-5.2.6-50.17
> php5-ncurses-5.2.6-50.17
> php5-sqlite-5.2.6-50.17
> php5-curl-5.2.6-50.17
> php5-pdo-5.2.6-50.17
> php5-json-5.2.6-50.17
> php5-dom-5.2.6-50.17
> php5-mysql-5.2.6-50.17
> php5-pear-5.2.12-5.1
> php5-devel-5.2.6-50.17
> php5-openssl-5.2.6-50.17
> php5-ctype-5.2.6-50.17
> php5-ldap-5.2.6-50.17
> php5-xmlwriter-5.2.6-50.17
> php5-hash-5.2.6-50.17
> php5-APC-3.1.3-1.1
>=20
> rpm -qa | grep apache2:
> apache2-utils-2.2.10-2.18
> apache2-2.2.10-2.18
> apache2-example-pages-2.2.10-2.18
> apache2-mod_php5-5.2.6-50.17
> apache2-mod_auth_kerb-5.4-7.1
> apache2-prefork-2.2.10-2.18
> apache2-worker-2.2.10-2.18
> apache2-doc-2.2.10-2.18
> apache2-mod_python-3.3.1-147.19
> apache2-mod_jk-1.2.26-1.29
> apache2-mod_perl-2.0.4-40.19
>=20
>=20
> 4. Source-snippets:
>=20
> *** ./htdocs/index.php
>
> print("Hello world! From php (REMOTE_USER: \"" . $_SERVER['REMOTE_USER'] =
.. "\")");
> ?>
>=20
>=20
> *** ./mp2/MyApache2/MyAuthenHandler.pm
> [...]
> sub handler {
> my $r =3D shift;
> my $logger =3D $r->log;
>=20
> $logger->info('Start Authentication');
>=20
> $r->ap_auth_type('Session');
> $r->user('JonDoe');
>=20
> $logger->info("Session started for user: '" . $r->user() . "'");
> return Apache2::Const::OK;
> }
> [...]
>=20
>=20
> *** ./mp2/MyApache2/MyResponseHandler.pm
> [...]
> sub handler {
> my $r =3D shift;
>=20
> $r->print("Hello world! From mod_perl (Request-User: \"" . $r->us=
er() . "\")");
>=20
> return Apache2::Const::OK;
> }
> [...]
>=20
>=20
> *** ./mp2/MyApache2/MyOutputFilter.pm
> [...]
> use base qw(Apache2::Filter);
>=20
> sub handler : FilterRequestHandler {
> my $f =3D shift;
>=20
> my $r =3D $f->r;
> my $logger =3D $r->log;
>=20
> $logger->error("OutputFilter: user =3D \"" . $r->user() . "\"");
>=20
> return Apache2::Const::DECLINED;
> }
> [...]
>=20
>=20
> *** /etc/apache2/vhosts/bug.conf
>
> [...]
> php_value include_path ".:/usr/share/php5:/usr/share/php5/PEAR"
>
> use lib qw#/srv/www/bug/mp2#;
>
>=20
>
> AddType text/html .php
> PerlAuthenHandler MyApache2::MyAuthenHandler
> PerlOutputFilterHandler MyApache2::MyOutputFilter
>=20
> Allow from all
> AuthType MyAuthType
> AuthName "Secret Area"
> require valid-user
>=20
> # SetHandler modperl
> # PerlResponseHandler MyApache2::MyResponseHandler
>
>
>=20
--=20
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0x0921 64A7
--=-VKLDMgSyzyvYEJ0w77q9
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQBNIz/ptXI/OwkhZKcRAvrLAJ9XDjUKJ4GASWv0KCl4/iqHSRPzhwCg hhSl
iEpT4Dp6Xqwx83iPEAESudw=
=C7Uk
-----END PGP SIGNATURE-----
--=-VKLDMgSyzyvYEJ0w77q9--
Re: [mp2] [SOLVED] php response handler clears authenticated user inmod_perl
am 05.01.2011 08:36:45 von Peter Albrecht
Hi Adam,
it seems to be a bug in mod_php: http://bugs.php.net/46005
I'm sorry having posted to the wrong list!
I promise, I have used the search engine of my choice, _before_ posting here...
But maybe that post will at least help some else.
Peter
-------- Original-Nachricht --------
> Datum: Tue, 04 Jan 2011 09:03:58 -0500
> Von: Adam Prime
> An: modperl@perl.apache.org
> Betreff: Re: [mp2] php response handler clears authenticated user in mod_perl
> This is a bug in mod_php not mod_perl isn't it?
>
> Adam
>
--
Neu: GMX De-Mail - Einfach wie E-Mail, sicher wie ein Brief!
Jetzt De-Mail-Adresse reservieren: http://portal.gmx.net/de/go/demail