Skip Menu |

This queue is for tickets about the Apache-AuthCookie CPAN distribution.

Report information
The Basics
Id: 12045
Status: rejected
Priority: 0/
Queue: Apache-AuthCookie
People
Owner: Nobody in particular
Requestors: Vegard.Vesterheim [...] uninett.no
Cc:
AdminCc:
Bug Information
Severity: Normal
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Tue Mar 29 06:17:10 2005 Guest - Ticket created
Subject: Errant error messages, interaction with Apache::AuthCookieDBI
ache::AuthCookie.pm 3.06 Apache::AuthCookieDBI.pm 1.19 (but probably applies to later versions aswell) perl 5.8.5 NetBSD nsa.uninett.no 2.0 NetBSD 2.0 (GENERIC) Apache::AuthCookie supplies the method recognize_user(): "If the user has provided a valid session key but the document isn't protected, this method will set $r->connection->user anyway. Use it as a PerlFixupHandler, unless you have a better idea." This method calls Apache::AuthCookieDBI->authen_ses_key, which issues error messages when the Cookie is not acknowledged. But the document is not protected, so no error message should be issued. Could possibly be solved by an extra parameter 'ignore_errors' to the authen_ses_key method. Will report this in Apache::AuthCookieDBI aswell.
  Fri Nov 20 00:12:44 2009 MSCHOUT [...] cpan.org - Correspondence added
Show quoted text
> Apache::AuthCookie supplies the method recognize_user(): > > "If the user has provided a valid session key but the document isn't > protected, this method will set $r->connection->user > anyway. Use it as a PerlFixupHandler, unless you have a better > idea." > > This method calls Apache::AuthCookieDBI->authen_ses_key, which issues > error messages when the Cookie is not acknowledged. But the > document is not protected, so no error message should be issued. > Could possibly be solved by an extra parameter 'ignore_errors' to > the authen_ses_key method. Will report this in > Apache::AuthCookieDBI aswell.
If you still care about this, AuthCookieDBI is probably the place where this should be dealt with. The error message originates from there, so AuthCookieDBI would need to provide you with a mechanism to squash it (perhaps with a config variable?). I don't think its a good idea to add parameters to authen_ses_key(), since it is a virtual method, and the interface has been stable for nearly a decade.
  Fri Nov 20 00:12:45 2009 The RT System itself - Status changed from 'new' to 'open'
  Fri Nov 20 00:12:46 2009 MSCHOUT [...] cpan.org - Status changed from 'open' to 'rejected'