[cgiapp] Re: CAP::Authorization, CAP::AutoRunmode & CA::Dispatch

Richard Jones ra.jones at dpw.clara.co.uk
Wed Aug 12 18:59:54 EDT 2009 

Mark Stosberg wrote:
> On Tue, 11 Aug 2009 10:52:51 +0100
> Richard Jones <ra.jones at dpw.clara.co.uk> wrote:
> 
>> Am having some difficulty with the FORBIDDEN_RUNMODE param when using 
>> CAP::Authorization with CA::Dispatch. All my application classes inherit 
>> from a base class where I have defined the 'forbidden' runmode (using 
>> AutoRunmode syntax). But declaring FORBIDDEN_RUNMODE => 'forbidden' in 
>> authz->config() means that for some reason the classes loaded by 
>> CA::Dispatch - which all 'use base MyApp::Base' - can't find the 
>> forbidden() rm so return my error page instead.
> 
> I suggest looking into this a bit further. At the moment that the
> forbidden run mode can't be found, has it been registered in the
> run_modes() hash?

It looks like it isn't. If I define FORBIDDEN_RUNMODE => 
'my_forbidden_rm' in authz->config() in cgiapp_init(), and then in 
cgiapp_prerun():

use Data::Dumper; warn Dumper $self->run_modes();

I get:
$VAR1 = 'authz_forbidden';
$VAR2 = sub { "DUMMY" };
$VAR3 = 'default';
$VAR4 = 'default';
$VAR5 = 'login';
$VAR6 = 'login';
$VAR7 = 'authen_logout';
$VAR8 = sub { "DUMMY" };
$VAR9 = 'AUTOLOAD';
$VAR10 = sub { "DUMMY" };
$VAR11 = 'authz_dummy_redirect';
$VAR12 = sub { "DUMMY" };
$VAR13 = 'authen_dummy_redirect';
$VAR14 = sub { "DUMMY" };
$VAR15 = 'start';
$VAR16 = 'dump_html';

But if I set $self->run_modes( authz_forbidden => 'my_forbidden_rm' ) in 
cgiapp_prerun() and then (still in cgiapp_prerun) dump 
$self->run_modes() immediately after:

$VAR1 = 'default';
$VAR2 = 'default';
$VAR3 = 'authz_forbidden';
$VAR4 = 'my_forbidden_rm'; # <== here
$VAR5 = 'login';
$VAR6 = 'login';
$VAR7 = 'authen_logout';
$VAR8 = sub { "DUMMY" };
$VAR9 = 'AUTOLOAD';
$VAR10 = sub { "DUMMY" };
$VAR11 = 'authz_dummy_redirect';
$VAR12 = sub { "DUMMY" };
$VAR13 = 'authen_dummy_redirect';
$VAR14 = sub { "DUMMY" };
$VAR15 = 'start';
$VAR16 = 'dump_html';

And this time the forbidden runmode is found and returns its stuff. So 
presumably the forbidden rm is not being registered in cgiapp_init(). 
Is cgiapp_init() too early to define FORBIDDEN_RUNMODE, and its param 
gets clobbered in setup()? Could it be CAP::AutoRunmode be interfering? 
I'll run some more tests tomorrow.
-- 
Richard Jones

More information about the cgiapp mailing list