Hi
I am trying to set variables for the Atlassian Crowd PerlAuthzHandler based upon the type of request that is being received by the apache server.
The chunk from my httpd.conf file looks something like the following:
<LocationMatch ^/path>
AuthType Basic
AuthName "Crowd Auth"
PerlAuthenHandler Apache::CrowdAuth
PerlAuthzHandler Apache::CrowdAuthz
PerlSetVar CrowdAppName app
PerlSetVar CrowdAppPassword *******
<Limit GET>
PerlSetVar CrowdAllowedGroups reader,writer
Require valid-user
</Limit>
<LimitExcept GET>
PerlSetVar CrowdAllowedGroups writer
Require valid-user
</LimitExcept>
</LocationMatch>
What I'd like is for members of the reader or writer groups to have GET access and only members of the writer group to have everything else (mainly for POST) access.
The problem seems to be that the 'PerlSetVar CrowdAllowedGroups writer' is overwriting the
'PerlSetVar CrowdAllowedGroups reader,writer' call for all requests, not just the method that I'm trying to limit each setting to. The opposite is the case if I swap the two lines around.
Am I doing anything obviously wrong? or is this just the way it works.
If it's just the way it is then does anyone have any ideas on how to call PerlSetVar with different values based upon the request type? or suggestions on a better way to do what I'm trying to do?
Thanks in advance,
Pat
