Plack auth under Apache fixed
User:
mcholste
Date: 5/24/2010 9:12 am
Date: 5/24/2010 9:12 am
Views: 875
Rating: 0
Rating: 0
Tatsuhiko Miyagawa got back to me with a really good workaround that
should work for CGI, FastCGI, and mod_perl(1|2) when using PSGI/Plack.
He pointed out that my fix was only a one-off and that
Plack::Middleware::Apache::Auth::Basic was not a good place to put it.
Instead, he recommended using mod_rewrite to alter the headers as
they come into Apache so that everything is corrected for Perl. He's
updated the module's documentation to show how to do it:
(in Apache config file)
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
This will make Apache swap any "HTTP:Authorization" headers with the
Plack-compatible HTTP_AUTHORIZATION.
--Martin
should work for CGI, FastCGI, and mod_perl(1|2) when using PSGI/Plack.
He pointed out that my fix was only a one-off and that
Plack::Middleware::Apache::Auth::Basic was not a good place to put it.
Instead, he recommended using mod_rewrite to alter the headers as
they come into Apache so that everything is corrected for Perl. He's
updated the module's documentation to show how to do it:
(in Apache config file)
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
This will make Apache swap any "HTTP:Authorization" headers with the
Plack-compatible HTTP_AUTHORIZATION.
--Martin
