Score:0

REMOTE_USER missing in %ENV for Perl script on Apache 2.4

in flag

I'm trying to migrate a site from a super ancient server (6 or 7 years old!), and it uses AuthFormProvider file to log the user in. This seems to work, apart from the fact it doesn't pass along REMOTE_USER into %ENV{} in my Perl script. The trimmed down is:

<VirtualHost 123.123.123.123:8443>

    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin [email protected]
    DocumentRoot /home/mysite/web/example.com/public_html
    Alias /vstats/ /home/mysite/web/example.com/stats/
    Alias /error/ /home/mysite/web/example.com/document_errors/
    #SuexecUserGroup mysite mysite
    CustomLog /var/log/apache2/domains/example.com.bytes bytes
    CustomLog /var/log/apache2/domains/example.com.log combined
    ErrorLog /var/log/apache2/domains/example.com.error.log
    <Directory /home/mysite/web/example.com/stats>
        AllowOverride All
    </Directory>
    <Directory /home/mysite/web/example.com/public_html>
        AllowOverride All
        SSLRequireSSL

        Options +ExecCGI +FollowSymLinks +MultiViews
        AllowOverride AuthConfig
        Require all granted
        AddHandler cgi-script .cgi .pl

    </Directory>

    <Directory /home/mysite/web/example.com/public_html/private/>
        AuthFormProvider file
        AuthUserFile "/home/mysite/web/example.com/public_html/cgi-bin/public/dbusers.db"
        AuthType form
        AuthName "Password Required"
        AuthFormLoginRequiredLocation "http://www.example.com/loginerror.shtml"
        AuthFormLoginSuccessLocation "http://www.example.com/cgi-bin/private/db.cgi"
        AuthFormLogoutLocation "https://www.example.com/loggedout.html"
        ErrorDocument 401 "/loginerror.shtml"
        Session On
        SessionCookieName session path=/
        Require valid-user

    </Directory>


    <Location "/dologin.html">
        SetHandler form-login-handler
        AuthFormLoginSuccessLocation "http://www.example.com/private/index.html"
        AuthFormLogoutLocation "http://www.example.com/loggedout.html"
        ErrorDocument 401 "/loginerror.shtml"
        AuthFormProvider file
        AuthUserFile "/home/mysite/web/example.com/public_html/cgi-bin/public/dbusers.db"
        AuthType form
        AuthName "Password Required"
        Session On
        SessionCookieName session path=/
        Require valid-user
    </Location>
    <Location "/dologout.html">
        SetHandler form-logout-handler
        AuthType form
        AuthName "Password Required"
        AuthUserFile "/home/mysite/web/example.com/public_html/public/dbusers.db"
        AuthFormLogoutLocation "http://www.example.com/loggedout.html"
        ErrorDocument 401 "/loginerror.shtml"
        Session On
        SessionMaxAge 1
        SessionCookieName session path=/
        Require valid-user
    </Location>

    <FilesMatch \.php$>
        SetHandler "proxy:unix:/run/php/php8.0-fpm-example.com.sock|fcgi://localhost"
    </FilesMatch>
    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

    IncludeOptional /home/mysite/conf/web/example.com/apache2.ssl.conf_*
    IncludeOptional /etc/apache2/conf.d/*.inc
</VirtualHost>

Module wise, I have these enabled:

Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 auth_form_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authnz_fcgi_module (shared)
 authz_core_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 status_module (shared)
 mime_module (shared)
 mpm_prefork_module (shared)
 negotiation_module (shared)
 perl_module (shared)
 proxy_module (shared)
 proxy_fcgi_module (shared)
 remoteip_module (shared)
 reqtimeout_module (shared)
 request_module (shared)
 rewrite_module (shared)
 rpaf_module (shared)
 ruid2_module (shared)
 session_module (shared)
 session_cookie_module (shared)
 session_crypto_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 suexec_module (shared)

What am I missing?

jp flag
It is not clear from which location your Perl script is called. I can see `AddHandler cgi-script` in `public_html` only and this section doesn't require authorization, so it won't get `REMOTE_USER` defined.
Andrew Newby avatar
in flag
@AlexD OMG.. you legend! Man I feel stupid now. It was missing /cgi-bin from the /private <Location> ... DUH! Works fine now :) There really does get a point in the day when you should just stop working!
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.