cormanaz has asked for the wisdom of the Perl Monks concerning the following question:

Good day monks. In a CGI application I am trying to get the name of the Apache htaccess-authorized user. According to the mod CGI docs remote_user ought to return this, but when I run following test script 
use CGI;
my $query = new CGI;
my $ref = $query->referer;
my $user = $query->remote_user;
my $addr = $query->remote_addr;
print $query->header(),$query->start_html(-title=>'Test');
print "referrer = $ref<br>remote user = $user<br>remote addr = $addr";
print $query->end_html();

[download]
I get the other two values but remote_user is null. Anyone know what I'm doing wrong?

tia.....Steve

Replies are listed 'Best First'.
Re: CGI getting htaccess userid
by ikegami (Patriarch) on Jan 11, 2006 at 19:36 UTC

    Either
    1) the script is not being run by Apache, or
    2) the script is not being protected.

    Make sure the htaccess is protecting the CGI's directory/file/location and that it protecting all submission methods (GET and PUT, and any other allowed method) for the directory. I've seen lots of .htaccess that use
    <Limit GET>Require valid-user</Limit>
    instead of just
    Require valid-user
    Omit the Limit. Why would anyone want to limit their security to just one submission method?

[reply]
[d/l]
[select]

      Try an additional print "env-remote_user: $ENV{REMOTE_USER}<br />"; which will also show you if it is set or not.

      Cheers, Sören

[reply]

        CGI's remote_user is simply 

        sub remote_user {
    return $ENV{'REMOTE_USER'};
}

        [download]

        No difference.

[reply]
[d/l]
[select]
Re: CGI getting htaccess userid
by merlyn (Sage) on Jan 11, 2006 at 19:51 UTC
    One very common problem is that you're requiring BasicAuth for GET but not POST, because you have the word "Limit" somewhere in your htaccess. Can you show us the relevant part of your htaccess? (And google for "don't limit the LIMITs", or something like that.)

    -- Randal L. Schwartz, Perl hacker
    Be sure to read my standard disclaimer if this is a reply.

[reply]
Re: CGI getting htaccess userid
by brian_d_foy (Abbot) on Jan 11, 2006 at 19:58 UTC

    The username should be in the environment variable REMOTE_USER.

    Rather than play around with CGI.pm and other things, for these situations I use a test script that prints out the complete environment. Look at the lowest level that you can. :) 

    #!/usr/bin/perl

print "Content-type: text/plain\n\n";

foreach my $key ( sort keys %ENV )
    {
    printf "%-25s %s\n", $key, $ENV{$key};
    }

    [download]
    --
    brian d foy <brian@stonehenge.com>
    Subscribe to The Perl Review
[reply]
[d/l]

Back to Seekers of Perl Wisdom