mod_perl basic auth, $r->user() fails

Tag: perl , mod-perl Author: i3hmk Date: 2011-08-24

We have a project that uses mod_perl2 and mason.

The problem I'm facing is getting the user authenticated using apache basic auth, from .htaccess .

In cgi enviroment I can get that from $ENV{REMOTE_USER}

In mod_perl I should be able to get it using $r->user(), which unfortunately returns undef.

Also no luck with $r->connection->user()

I've also tried CGI::Apache2::Wrapper, $cgi->remote_user() and $cgi->user_name() again with no luck.

The only way it works is calling $r->headers_in->get('Authorization') which returns something like: 'Basic dGhlZHJpdmVyaXM6eGVudXByZQ=='

Any ideea why $r->user() fails? Thanks

Do you have Apache2::RequestRec loaded?
Sorry for the delay, yes Apache2::RequestRec is loaded

Other Answer1

I suspect that $r->user() is only set when mod_perl2 does the authentication, not when apache does it.

Try adding:

my ($res, $sent_pw) = $r->get_basic_auth_pw;

above the call to $r->user(). This might trigger the module to decode the Authorization header.

or, you could manually base64 dcode the Authorization header:

my $auth = $r->headers_in->get('Authorization');
my $username = (split(/:/,APR::Base64::decode((split(/ /,$auth))[1])))[0];