Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: Embedding "user" CGI output into a mod_perl response

by perrin (Chancellor)
on May 10, 2006 at 01:44 UTC ( #548361=note: print w/replies, xml ) Need Help??


in reply to Embedding "user" CGI output into a mod_perl response

For access control, write a mod_perl handler that hooks into the Access or Authentication/Authorization phases of apache. The mod_perl docs have lots of information on this.

If you're using mod_perl 2, you can customize the output using an output filter written in perl. This is also in the mod_perl docs.

  • Comment on Re: Embedding "user" CGI output into a mod_perl response

Replies are listed 'Best First'.
Re^2: Embedding "user" CGI output into a mod_perl response
by bmcatt (Friar) on May 10, 2006 at 02:36 UTC
    Good ideas, but coming from the wrong side. I've already got the access and authentication pieces. While I might be able to tackle this with an output filter, that doesn't give me a good way to pre-empt the access and authentication aspects.

    I'm still pretty sure that there should be a way to, from a mod_perl2 handler, "pretend" to be Apache starting up a cgi script and then have the output available for further processing.

      I'm not following. Why can't you "pre-empt" the access and authentication? A mod_perl access handler can run for static files, CGI scripts, PHP, etc. It's a standard phase provided by the web server.

      I think you are overestimating how easy it is to do your own CGI. You can try copying some code from one of the perld HTTP daemons on CPAN, but there's a lot to deal with in terms of proper error handling and security. Better to let mod_cgi do it if you can.

        Hmmm... I'll have to ponder that. My original plan had been to use my existing framework only, for the cgi bits, hand the processing off to a "CGI masquerade" module, rather than needing to also do a separate access / authentication that is also used for the CGI-ish bits.

        I was thinking that there should be a way for me to run through mod_cgi directly from inside my handler rather than needing to let Apache do the mod_cgi processing. Also, I'd prefer to keep from exposing the .cgi scripts to the outside world.

        What you suggest is definitely an interesting approach and I hadn't thought of doing it that way. I'll need to investigate a little bit in how to do the access/authentication as well as building an output filter.

Re^2: Embedding "user" CGI output into a mod_perl response
by bmcatt (Friar) on May 10, 2006 at 19:26 UTC
    perrin, I am forced to bow to your mastery here... with appreciation.

    I haven't finished all the bits that I need, but it's definitely turning out to be significantly easier to do this as you suggested than I had originally feared. And, yes, this is mod_perl2, so I can do an output filter.

    For anyone else who cares, relevant code (and otherwise) fragments: (Names have been changed to protect the guilty...)

    httpd.conf

    PerlModule Foo::FooAuth PerlModule Foo::FooFilter <Location /foo/cgi-bin/foo.cgi> PerlOutputFilterHandler Foo::FooFilter PerlAuthenHandler Foo::FooAuth require valid-user </Location>
    Foo::FooAuth
    package Foo::FooAuth; use strict; use Apache2::Const qw(:common); use Foo::AuthAux; # Provides whoami - uses a cookie set elsewhere sub handler { my $r = shift; my $user = whoami($r); unless ($user) { $r->note_basic_auth_failure; return AUTH_REQUIRED; } $r->user($user); $r->subprocess_env(FOO => "bar+$user"); return OK; } 1;
    Foo::FooFilter
    package Foo::FooFilter; use strict; use Apache2::Filter; use Apache2::Const qw(:common); use Apache2::Request; use HTML::Template; use Foo::Config; # Provides $TMPL_PATH below use Foo::Auth; use Foo::AuthAux; # Provides whoami below my $BUFF_LEN = 8192; sub handler { my $f = shift; my $r = $f->r; my $fullbuf; while ($f->read(my $buf, $BUFF_LEN)) { $fullbuf .= $buf; } my $tmpl = HTML::Template->new(scalarref => \$fullbuf, path => $TMPL_PATH, die_on_bad_params => 0, ); my $user = whoami($r); my $userinfo = ISPNET::Auth::userinfo($user); $tmpl->param(_user => $user, _logo => $userinfo->{logo}, _logo_alt => $userinfo->{logo_alt}, # Set _home (would be $ENV{SCRIPT_NAME})... ); $f->print($tmpl->output); return OK; } 1;

    I'm still debating where to put the .cgi scripts (in the filesystem) and have to figure out how to reference them from elsewhere (which will be used to adjust the $tmpl->param(_home => ...) bits, but otherwise, it seems to be working nicely.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://548361]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (3)
As of 2022-05-18 06:01 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you prefer to work remotely?



    Results (68 votes). Check out past polls.

    Notices?