On Fri, Oct 9, 2009 at 1:26 PM, Barry Scott <barry.sc...@onelan.co.uk> wrote: > Jeff Trawick wrote: >> >> On Fri, Oct 9, 2009 at 12:04 PM, Barry Scott <barry.sc...@onelan.co.uk> >> wrote: >> >>> >>> This has been filed as issue >>> https://issues.apache.org/bugzilla/show_bug.cgi?id=47973 >>> >>> Further testing of our application has shown up a problem using >>> mod_fcgid 2.3.4. >>> >>> With the following configuration we are seeing the request body >>> of POST messages get stripped out if FcgidAuthorizer is used for >>> Location /player. If we comment out the "Require onelan magic" the >>> POSTs work. >>> >>> Looking at bridge_request we see the code is reading the input buckets >>> and feeding then to the Authorizer. >>> >>> It seems to us that: >>> >>> Either this must not happen if the fcgid is an authorizer >>> >> >> right >> >> >>> >>> or the buckets must be put back for whatever handles >>> the POST to process. >>> >>> Barry >>> >> >> See patch attached to the PR. Thanks! >> >> > > No joy I get internal server error. > > But the patch below works for my case. > > Note: I don't understand the details of HTTPD to know if this patch is > going to cause problems in other use cases, or indeed is only working > by luck.
I'll have a look; thanks! > > One test that needs doing is to have a Responder and an Authorizer running > for the same request. I'll see if I can do that test for you next week with > the pieces > I have. Chris Darroch has a patch for that, which is a small part of http://people.apache.org/~chrisd/patches/mod_fcgid_auth/mod_fcgid-1auth-trunk.patch which applies to the old mod_fcgid 2.2 but which he has submitted here for inclusion. If you get stuck, look in there at some of the checks for role == responder, one or more of which are for the responder+authorizer-on-same-request issue.
