6.2. Access Control with mod_perl

This section shows you how to write a simple access control handler in mod_perl.

6.2.1. A Simple Access Control Module

To create an access control module, you'll install a handler for the access control phase by adding a PerlAccessHandler directive to one of Apache's configuration files or to a per-directory .htaccess file. The access control handler has the job of giving thumbs up or down for each attempted access to the URI. The handler indicates its decision in the result code it returns to the server. OK will allow the user in, FORBIDDEN will forbid access by issuing a 403 status code, and DECLINED will defer the decision to any other access control handlers that may be installed.

We begin with the simplest type of access control, a stern module called Apache::GateKeeper (Example 6.1). Apache::GateKeeper recognizes a single configuration variable named Gate. If the value of Gate is open, the module allows access to the URI under its control. If the value of Gate is closed, the module forbids access. Any other value results in an "internal server error" message.

The code is straightforward. It begins in the usual way by importing the common Apache and HTTP constants from Apache::Constants :

package Apache::GateKeeper;
# file: Apache/GateKeeper.pm
use strict;
use Apache::Constants qw(:common);

sub handler {
    my $r = shift;
    my $gate = $r->dir_config("Gate");
    return DECLINED unless defined $gate;
    return OK if lc($gate) eq 'open';

When the handler ...

Get Writing Apache Modules with Perl and C now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.