[cgiapp] CAP::Authentication, CA::Dispatch and CA::Server

George Hartzell hartzell at alerce.com
Wed Nov 5 14:29:17 EST 2008 

Richard Jones writes:
 > Anyone managing to get CAP::Authentication, CA::Dispatch and CA::Server 
 > working together?
 > 
 > In cgiapp_init:
 > 
 > $self->authen_config(
 >    ....
 >    LOGIN_URL => '/app/login', # CA::Server sends /app/* to Dispatch
 > );
 > 
 > Then in cgiapp_prerun:
 > 
 > $self->authen->username ?
 >    $self->authen->redirect_after_login :
 >      $self->authen->redirect_to_login;
 > 
 > In the case of a non-logged in user, this causes a redirection loop : 
 > 'Redirection limit for this URL exceeded. Unable to load the requested 
 > page. The site is redirecting the request in a way that will never 
 > complete.'
 > 
 > Using LOGIN_URL => '/login' (or 'login') gets over the redirect problem, 
 > but causes the address to switch to localhost:8080/login which is not a 
 > recognised app for CA::Server, unless I make it so, then we get the 
 > redirection loop again.
 > 
 > Using LOGIN_URL => '' (or no LOGIN_URL defined) loads the default login 
 > box and works fine, and re-directs to the Dispatch default page after login.
 > 
 > Switching to LOGIN_RUNMODE instead of LOGIN_URL causes the app to load 
 > the AUTOLOAD => \&_exception page - ie it can't find the runmode 
 > 'login', yet login() is the defined StartRunmode (using 
 > CAP::AutoRunmode) in the base app. module.
 > 
 > And if I replace $self->authen->redirect_to_login with 
 > $self->forward('login') it works fine, provided LOGIN_RUNMODE => 
 > 'login', otherwise I get the default login page.
 > 
 > So it looks like the LOGIN_URL/LOGIN_RUNMODE and redirect_to_login() 
 > functions aren't working with CA::Dispatch. Unfortunately the default 
 > login box is not an option as I *need* to use a custom login page.
 > 
 > I can't see where I've gone wrong since the default behaviour displaying 
 > the default login page seems to work OK. Presumably I've mis-configured 
 > CAP::Authen or CA::Dispatch somewhere?
 > -- 
 > Richard Jones

I have an app that's working under the newest CGI::Application::Server
(ran under CGI::Application::Dispatch::Server until I switched it over
now that CGI::Application::Server::VERSION 0.060 is out) using a
CGI::Application::Dispatch subclass and
CGI::Application::Plugin::Authentication.

My various runmodes share a common superclass (WebApp.pm).  In it I've
used 
  add_callback('init', 'foo_app_init')
to set up stuff.

In foo_app_init I have a call to 

  $self->authen->config(...
                        LOGIN_RUNMODE => 'foo_login',
		       );

where foo_login is added to all of the run modes by a call to
$self->run_modes(...) in that same foo_init sub and foo_login is
defined in WebApp.pm to just serve my custom login page via

  $self->tt_process('login.tmpl') 

It's not the same set up as you're using, but it does work.

I never call redirect_to_login, but have (e.g.)

sub setup {
  ....
  $self->authen->protected_runmodes( qr/.*/ );
}				     

in my specific subclasses (that use base qw( WebApp.pm) that I
described above.

What happens if you get rid of your check on the username, define a
LOGIN_RUNMODE, and protect stuff using protected_runmodes?

Can you boil down a broken example, or make the app available to me?

g.

More information about the cgiapp mailing list