Skip Menu |

This queue is for tickets about the Apache-AuthCookie CPAN distribution.

Report information
The Basics
Id: 39747
Status: resolved
Priority: 0/
Queue: Apache-AuthCookie
People
Owner: Nobody in particular
Requestors: peter [...] glossop.org
Cc:
AdminCc:
Bug Information
Severity: Critical
Broken in: 3.12
Fixed in: (no value)
Attachments
access_log
AuthCookieHandler.pm
credential1.mas
error_log
http.conf

History Show all quoted text
  Wed Oct 01 13:51:23 2008 peter [...] glossop.org - Ticket created
Subject: Authentication problems
When accessing the /Jobs directory the login screen returns even though the cookie is successfully established the first time around and no further progress can be made. Mason is used, but I don't think that's having any effect on this. It appears to go into authenticate() and fails to either pick up previous user or the existing cookie. Environment:OpenSUSE 10.3 64 bit Apache/2.2.4 (Linux/SUSE) mod_ssl/2.2.4 OpenSSL/0.9.8e mod_perl/2.0.3 Perl/v5.8.8 configured (Linux 2.6.22.18-0.2-default #1 SMP 2008-06-09 13:53:20 +0200 x86_64 x86_64 x86_64 GNU/Linux)
Subject: error_log
Download error_log
application/octet-stream 1.4k

Message body not shown because it is not plain text.

Subject: AuthCookieHandler.pm
package Sample::AuthCookieHandler; use strict; use base qw(Apache2::AuthCookie); use Apache2::RequestRec; use Apache2::RequestUtil; use Digest::SHA1; my $secret = "The Quick Brown Fox Jumps Over"; sub authen_cred { my($self,$r,$username,$password) = @_; my $session_key = $username.'::'.Digest::SHA1::sha1_hex($username,$secret); $r->log_error("cred: $username,$password -> $session_key"); # lots of stuff here return $session_key; } sub authen_ses_key { my ($self,$r,$session_key)=@_; my ($username,$mac) = split(/::/,$session_key); $r->log_error("ses: $username -> $session_key"); # check mac return $username; } 1;
Subject: credential1.mas
Download credential1.mas
application/octet-stream 682b

Message body not shown because it is not plain text.

Subject: access_log
Download access_log
application/octet-stream 893b

Message body not shown because it is not plain text.

Subject: http.conf
Download http.conf
application/octet-stream 811b

Message body not shown because it is not plain text.

  Wed Oct 01 14:26:52 2008 MSCHOUT [...] cpan.org - Correspondence added
You have incorrectly set the Path cookie attribute: PerlSetVar guardianPath /home/www/2work means that the cookie path will be set to /home/www/2work. That means the client will only send the cookie for URI's that begin with /home/www/2work. You probably wanted just / Regards, Michael Schout
  Wed Oct 01 14:26:54 2008 The RT System itself - Status changed from 'new' to 'open'
  Wed Oct 01 14:26:55 2008 MSCHOUT [...] cpan.org - Status changed from 'open' to 'resolved'
  Wed Oct 01 15:08:14 2008 peter [...] glossop.org - Correspondence added
Subject: Re: [rt.cpan.org #39747] Resolved: Authentication problems
Date: Wed, 1 Oct 2008 20:07:42 +0100
To: bug-Apache-AuthCookie [...] rt.cpan.org
From: peter collard <peter [...] glossop.org>
Works brilliantly - thanks very much for speedy response. On Wednesday 01 October 2008 19:26, MSCHOUT via RT wrote: Show quoted text
> <URL: http://rt.cpan.org/Ticket/Display.html?id=39747 > > > According to our records, your request has been resolved. If you have any > further questions or concerns, please respond to this message.
-- regards Peter C peter@glossop.org
  Wed Oct 01 15:08:16 2008 The RT System itself - Status changed from 'resolved' to 'open'
  Sun Feb 22 23:36:32 2009 MSCHOUT [...] cpan.org - Status changed from 'open' to 'resolved'