>>>> Matt Mallard 12/05/13 3:45 PM >>>
>Hi Keith,
>
> Have you tried 'PerlSetupEnv On' in the apache conf. I couldn't get
> %ENV using Dancer2 in mod_perl until I set this.
>
> I couldn't get CGI/FCGI to work properly with Dancer2 (they set up their
> own service on port
> 3000 instead of staying inside the CGI).
>
Actually I saw your thread earlier in the week about this so took a look at
"PerlSetupEnv". Unless I'm mistaken that's a mod_perl directive and the way I
have my app configured using CGI it won't make a difference. With my current
configuration %ENV makes it to my dancer code, it's just not making it to my
implementation of a Dancer::Plugin::Auth::Extensible provider in tact. A dump
shows a lot of %ENV keys get there but $ENV{REMOTE_USER} is gone for some
reason and that's the key I rely on to ensure the Apache::AuthCookie
authentication handlers have logged the user in.
> Regards,
> Matt
> On 6/12/2013 5:22 am, Keith Lawson wrote:
> > I didn't get any responses here or on IRC so I'm posting the solution I
> went with to get it archived.
> >
> >>>>> Keith Lawson 11/29/13 10:22 AM >>>
> >> Hello,
> >>
> >> I'm working on my first Dancer application and want to deploy it in our
> standard server environment here.
> >>
> >> For authentication/authz we have custom mod_perl auth handlers that set
> Apache environment variables with user ID, group membership etc. >I'm trying
> to write an implementation of Dancer::Plugin::Auth::Extensible::Provider that
> does auth/authz by reading those environment variables however %ENV isn't
> populated in my Dancer app. Looking at the source of public/dispatch.fcgi I
> noticed the following:
> >>
> >> # For some reason Apache SetEnv directives dont propagate
> >> # correctly to the dispatchers, so forcing PSGI and env here
> >> # is safer.
> >> set apphandler => 'PSGI';
> >> set environment => 'production';
> >>
> >> Can anyone tell me if it's possible to get %ENV through to my Dancer app
> or perhaps a different approach for auth/authz that uses $ENV{REMOTE_USER}
> and our custom Apache environment variables?
> >>
> > I never did get FCGI to work so I tried regular CGI, here's my apache
> config for my app:
> >
> > SetEnv DANCER_ENVIRONMENT "development"
> >
> >
> > AllowOverride None
> > Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
> > Order allow,deny
> > Allow from all
> > AddHandler cgi-script .cgi
> >
> >
> > ScriptAlias /filesafe /var/dancerdev/filesafe/public/dispatch.cgi
> >
> > This works but I had to comment out where %ENV keys were explicitly set
> in dispatch.cgi so that the Apache conf directives for dev/prod environment
> worked properly:
> >
> > --- dispatch.cgi.dist 2013-12-05 09:21:35.917592251 -0500
> > +++ dispatch.cgi 2013-12-05 09:20:06.912736198 -0500
> > @@ -6,8 +6,8 @@
> > # For some reason Apache SetEnv directives dont propagate
> > # correctly to the dispatchers, so forcing PSGI and env here
> > # is safer.
> > -set apphandler => 'PSGI';
> > -set environment => 'production';
> > +# set apphandler => 'PSGI';
> > +# set environment => 'production';
> >
> > my $psgi = path($RealBin, '..', 'bin', 'app.pl');
> > die "Unable to read startup script: $psgi" unless -r $psgi;
> >
> > My first crack at doing Dancer auth/authz was to write a provider for
> Dancer::Plugin::Auth::Extensible with subs that rely on %ENV like this:
> >
> > sub authenticate_user
> > {
> > my ($self, $username, $password) = @_;
> > return $ENV{REMOTE_USER};
> > }
> >
> > However I couldn't figure out why $ENV{REMOTE_USER} wasn't getting to
> the plugin so I gave up.
> >
> > I just ended up protecting portions of my new app with a stanza using
> our Apache2::AuthCookie auth handlers:
> >
> >
> > order allow,deny
> > allow from all
> > AuthType Site::LDAPCookieHandler2
> > AuthName dancerdev
> > PerlAuthenHandler Site::LDAPCookieHandler2->authenticate
> > PerlAuthzHandler Site::LDAPCookieHandler2->authorize
> > require valid-user
> > satisfy all
> >
> >
> > Then in my dancer app I protect portions like this:
> >
> > get '/priv/hello' => sub
> > {
> > die unless $ENV{REMOTE_USER};
> > return "Hi there ".$ENV{REMOTE_USER};
> > };
>>
>>
>> This won't solve authorization for me but I won't have a need for this in
>> this app.
>>
>>
>>> Thanks,
> >> Keith.
> >>
> >>
> >>
> >
> >
> --------------------------------------------------------------------------------
> > This information is directed in confidence solely to the person named
> above and may contain confidential and/or privileged material. This
> information may not otherwise be distributed, copied or disclosed. If you
> have received this e-mail in error, please notify the sender immediately via
> a return e-mail and destroy original message. Thank you for your cooperation.
> > _______________________________________________
> > dancer-users mailing list
> > [email protected]
> > http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
>
> _______________________________________________
> dancer-users mailing list
> [email protected]
> http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
>
>
--------------------------------------------------------------------------------
This information is directed in confidence solely to the person named above and
may contain confidential and/or privileged material. This information may not
otherwise be distributed, copied or disclosed. If you have received this e-mail
in error, please notify the sender immediately via a return e-mail and destroy
original message. Thank you for your cooperation.
_______________________________________________
dancer-users mailing list
[email protected]
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
