I have encountered a problem with Apache2::AuthCookie (version
3.10). I have created a module which inherits from
Apache2::AuthCookie, and configured a PerlAuthenHandler and a
PerlAuthzHandler for a given Location.

File requests works ok, but not directory requests, I suspect this is
related to apache issuing subrequests. (When a client visits
directories, mod_dir kicks in to resolve this, (using DirectoryIndex)
into a suitable index file (typically index.html)).

The problem I encounter is that the authenticated user is not
propagated into to the subrequest, so my auth-handler can not do its
job. The following code is from Apache2::AuthCookie.pm:

unless ($r->is_initial_req) {
if (defined $r->prev) {
# we are in a subrequest. Just copy user from previous request.
$r->user( $r->prev->user );

I observe that $r->is_initial_req is false (as it should be), but
$r->prev is undefined, so the authenticated user is not copied into
the request record. I have verified that the authenticated username
is available via $r->main->user.

Why does $r->prev return undef in this case?

Would it be ok to copy the autenticated username from $r->main->user
instead here?

- Vegard -