by After setting up a structure of handlers to move authorization from Basic to
cgi, it seems that no matter what approach I take, I cannot get the client
to the originally requested uri after authorization. I can dump content
from the handler, but cannot redirect, internal_redirect, etc.
This, I might add, is further complicated by embedding session ids into the
uri which I began extracting with a RewriteRule in httpd.conf and setting in
the ENV. But later I let them go through to the Access handler which
extracts the session id (if present) and sets the value in $r->notes (for
availability to subsequent handlers) and resets $r->uri with the new
sessionless URI and DECLINES to Authen. Authen, in turn, attempts to
validate the session and does and internal_redirect to /login upon failure.
/login is controlled by a content handler to prompt for username/password
and also creates a new session upon authorization. Invalid credentials
result in an appropriate error message and the login prompt. All is well up
to this point. Once credentials have been validated, I've not been able to
display the requested page -- it simply spins until timeout (it rather
sounds like it's stuck in a loop which does nothing continually validates
the session). BTW, I've also thrown in
return OK unless $r->is_initial_req; various other attempts at eliminating
looping.
Perhaps this should not even be handled by Access and Authen, but by a
single primary content handler on / which extracts session ids and redirects
upon validation, or prompts when invalid.
Thoughts, suggestions????
If you'd like to call, you can reach me here:
1-800-482-4567
--
Thanks,
Tim Tompkins
----------------------------------------------
Programmer / IS Technician
http://www.arttoday.com/