I'm trying to migrate a site from a super ancient server (6 or 7 years old!), and it uses AuthFormProvider file to log the user in. This seems to work, apart from the fact it doesn't pass along REMOTE_USER into %ENV{} in my Perl script. The trimmed down is:
<VirtualHost 123.123.123.123:8443>
ServerName example.com
ServerAlias www.example.com
ServerAdmin [email protected]
DocumentRoot /home/mysite/web/example.com/public_html
Alias /vstats/ /home/mysite/web/example.com/stats/
Alias /error/ /home/mysite/web/example.com/document_errors/
#SuexecUserGroup mysite mysite
CustomLog /var/log/apache2/domains/example.com.bytes bytes
CustomLog /var/log/apache2/domains/example.com.log combined
ErrorLog /var/log/apache2/domains/example.com.error.log
<Directory /home/mysite/web/example.com/stats>
AllowOverride All
</Directory>
<Directory /home/mysite/web/example.com/public_html>
AllowOverride All
SSLRequireSSL
Options +ExecCGI +FollowSymLinks +MultiViews
AllowOverride AuthConfig
Require all granted
AddHandler cgi-script .cgi .pl
</Directory>
<Directory /home/mysite/web/example.com/public_html/private/>
AuthFormProvider file
AuthUserFile "/home/mysite/web/example.com/public_html/cgi-bin/public/dbusers.db"
AuthType form
AuthName "Password Required"
AuthFormLoginRequiredLocation "http://www.example.com/loginerror.shtml"
AuthFormLoginSuccessLocation "http://www.example.com/cgi-bin/private/db.cgi"
AuthFormLogoutLocation "https://www.example.com/loggedout.html"
ErrorDocument 401 "/loginerror.shtml"
Session On
SessionCookieName session path=/
Require valid-user
</Directory>
<Location "/dologin.html">
SetHandler form-login-handler
AuthFormLoginSuccessLocation "http://www.example.com/private/index.html"
AuthFormLogoutLocation "http://www.example.com/loggedout.html"
ErrorDocument 401 "/loginerror.shtml"
AuthFormProvider file
AuthUserFile "/home/mysite/web/example.com/public_html/cgi-bin/public/dbusers.db"
AuthType form
AuthName "Password Required"
Session On
SessionCookieName session path=/
Require valid-user
</Location>
<Location "/dologout.html">
SetHandler form-logout-handler
AuthType form
AuthName "Password Required"
AuthUserFile "/home/mysite/web/example.com/public_html/public/dbusers.db"
AuthFormLogoutLocation "http://www.example.com/loggedout.html"
ErrorDocument 401 "/loginerror.shtml"
Session On
SessionMaxAge 1
SessionCookieName session path=/
Require valid-user
</Location>
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php/php8.0-fpm-example.com.sock|fcgi://localhost"
</FilesMatch>
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
IncludeOptional /home/mysite/conf/web/example.com/apache2.ssl.conf_*
IncludeOptional /etc/apache2/conf.d/*.inc
</VirtualHost>
Module wise, I have these enabled:
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
auth_basic_module (shared)
auth_form_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authnz_fcgi_module (shared)
authz_core_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
fcgid_module (shared)
filter_module (shared)
status_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
perl_module (shared)
proxy_module (shared)
proxy_fcgi_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
request_module (shared)
rewrite_module (shared)
rpaf_module (shared)
ruid2_module (shared)
session_module (shared)
session_cookie_module (shared)
session_crypto_module (shared)
setenvif_module (shared)
socache_shmcb_module (shared)
ssl_module (shared)
suexec_module (shared)
What am I missing?
