[Catalyst] Remote authN not getting username from remote_user()

Trevor Leffler tleffler at uw.edu
Mon Sep 27 22:33:01 GMT 2010


The issue I'm seeing lies with Catalyst-Engine-Apache, which has not 
seen updates since Feb 2008.  Since that time, Catalyst::Request has 
added remote_user() to its API with the expectation that the various 
engines would use that over the deprecated user() method.  This leads to 
a code path where $c->req->can('remote_user') will eval true, but always 
return 'undef' under the Apache engine, which is exactly what's going on 
with the Remote authN credential module.

So, I've opened bugs under C::E::Apache with patch files that fix this 
issue as well as fix broken tests and minimally bring the code up to 
date with more current C::Runtime standards.



Trevor Leffler wrote:
> Stuart Watt wrote:
>>   On 9/22/2010 7:40 PM, Trevor Leffler wrote:
>>> Hi, I'm using:
>>> Catalyst::Runtime -- 5.80022
>>> Catalyst::Plugin::Authentication -- 0.10016
>>> I'm finding that C::Request->remote_user is not returning my username 
>>> when I have authenticated under apache, whereas the deprecated 
>>> C::R->user does.
>> Are you using SSL? Looking at the code, this can affect the 
>> environment variables used to transmit the remote name.
>> All the best
>> Stuart
> The behavior is the same for both http and https requests.  That is, 
> after a successful [AuthType Basic] authN to a non-SSL page, 
> C::R->remote_user returns 'undef' while C::R->user returns 'tleffler'.
> Thanks for the response though, I hadn't checked for that variable.
> It's a good point about how env vars are accessed... Is Catalyst using 
> (in my case, via mod_perl2) Apache2::RequestRec->user to get the 
> logged-in username?
> --Trevor
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/

More information about the Catalyst mailing list