Henry:
I have fixed this issue in Apache::AuthCookie 3.09_01.
However, you still will not have the credentials in CGI.pm, or libapreq.
There are 2 reasons why this is not possible:
1) LoginScript runs inside a subrequest. The POSTed form data comes
from the *previous* request. From your LoginScript's perspective, the
form data does not exist because the LoginScript is in a different
Apache request.
2) Apache only allows you to read POST data ONE TIME. This happens
inside AuthCookie. AuthCookie has no way of knowing if you are going to
be using CGI.pm, libapreq, or some other form-data-library. So
AuthCookie can not initialize CGI.pm, or libapreq for you.
So the only thing that can be reasonably done is to provide an interface
for the LoginScript to retrieve the credentials from the previous request.
In 3.09_01, I have stored the @credentials array in
$r->pnotes("${auth_name}Creds"); So in your LoginScript, you simply get
the credentials this way:
my $creds = $r->prev->pnotes("${auth_name}Creds");
If the creds are available, $creds will be defined, and is a reference
to an array containing the credentials.
See t/htdocs/docs/login.pl from 3.09_01 which makes use of this and
includes the credentials in a HTML comment in the login form (so that
real.t can check that it works :)).
If you have any questions about this, please do not hesitate to contact me.
Regards,
Michael Schout