[cgiapp] Problem understanding using CAP::Authentication

[Gurunandan R. Bhat]

Hi,

    I have used CAP::Authentication in many projects with success and
had no problems understanding how it worked. Or so I thought, until...

    In every case that I have used it so far, all run-modes were
protected. I would just add: $app->authen->protected_runmodes(':all');
and everything would work like a charm.

    Recently I had to use it in a situation where some runmodes in a
single Controller class were protected and some not. In such a situation
everything goes haywire. Making all modes protected restores expected
behavior. Here is what I mix protected and unprotected modes in a single
Class:

1. If I visit an unprotected run-mode, it displays the correct content

2. If I visit a protected runmode, it correctly takes me to the login
page generated by the "login" runmode. The login runmode is just a
simple mode that creates a login form.

3. However if I submit this form with the correct username and password,
it just throws the form back to me. I have printed out the values of
$app->authen->is_authenticated and it is blank. 

4. If I make all runmodes protected again, everything works as expected.

I have checked that I am getting the same behaviour even when I use the
default form (and not my "login" runmode), so it cannot be an error in
naming form variables. 

Can some one help please.

Yours,
Cross-eyed from repeatedly reading the same code again and again