[Catalyst] Remote authN not getting username from remote_user()
tleffler at uw.edu
Mon Sep 27 22:33:01 GMT 2010
The issue I'm seeing lies with Catalyst-Engine-Apache, which has not
seen updates since Feb 2008. Since that time, Catalyst::Request has
added remote_user() to its API with the expectation that the various
engines would use that over the deprecated user() method. This leads to
a code path where $c->req->can('remote_user') will eval true, but always
return 'undef' under the Apache engine, which is exactly what's going on
with the Remote authN credential module.
So, I've opened bugs under C::E::Apache with patch files that fix this
issue as well as fix broken tests and minimally bring the code up to
date with more current C::Runtime standards.
Trevor Leffler wrote:
> Stuart Watt wrote:
>> On 9/22/2010 7:40 PM, Trevor Leffler wrote:
>>> Hi, I'm using:
>>> Catalyst::Runtime -- 5.80022
>>> Catalyst::Plugin::Authentication -- 0.10016
>>> I'm finding that C::Request->remote_user is not returning my username
>>> when I have authenticated under apache, whereas the deprecated
>>> C::R->user does.
>> Are you using SSL? Looking at the code, this can affect the
>> environment variables used to transmit the remote name.
>> All the best
> The behavior is the same for both http and https requests. That is,
> after a successful [AuthType Basic] authN to a non-SSL page,
> C::R->remote_user returns 'undef' while C::R->user returns 'tleffler'.
> Thanks for the response though, I hadn't checked for that variable.
> It's a good point about how env vars are accessed... Is Catalyst using
> (in my case, via mod_perl2) Apache2::RequestRec->user to get the
> logged-in username?
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://firstname.lastname@example.org/
> Dev site: http://dev.catalyst.perl.org/
More information about the Catalyst