subject:"Re\: \[Cosign\-discuss\] allow from host on location \/"

Re: [Cosign-discuss] allow from host on location /

2013-02-26 Thread Boian Mihailov

You are right, i understand it now. And it really returns 2.

Also config.h has that: 

/* Apache 2.x */
#define APACHE2 1
#define HAVE_MOD_AUTHZ_HOST 1
#define HAVE_AP_REGEX_H 1


-- 
Best Regards 
Boian Mihailov



On Tuesday, February 26, 2013 at 5:10 PM, Andrew Mortensen wrote:

> 
> On Feb 26, 2013, at 2:27 AM, Boian Mihailov  (mailto:boian.mihai...@cvalka.com)> wrote:
> 
> > reviewing the changes in 3.1.2 and the following version. Noticed the 
> > following: 
> > 
> > APACHE2_MINOR_VERSION="`${APXS2_SBINDIR}/${APXS2_TARGET} -v | \
> > sed -e '/^Server version:/!d' \
> > -e 's/.*Apache\/2\.\(@<:@0-9@:>@\)\..*/\1/g'`"
> > if test -n "${APACHE2_MINOR_VERSION}"; then
> > if test "${APACHE2_MINOR_VERSION}" -gt 0; then
> > AC_DEFINE(HAVE_MOD_AUTHZ_HOST)
> > fi
> > fi
> > And executing the command if I got it right: 
> > apache2 -v | sed -e '/^Server version:/!d' -e 
> > 's/.*Apache\/2\.\(@<:@0-9@:>@\)\..*/\1/g'
> > Returns: Server version: Apache/2.2.14 (Ubuntu)
> > 
> > Not really tested but, first test -n will pass, the second one will not, 
> > since it won't accept the string. 
> 
> Instead of doing this, why not look at common/config.h to see if 
> HAVE_MOD_AUTHZ_HOST is defined?
> 
> Regardless, the command you tried isn't how you'd run that command from the 
> shell. It's an escaped form that won't cause autoconf parsing problems:
> 
> 
> 
> Here's how the command is actually run:
> 
> bash$ apache2 -v | sed -e '/^Server version:/!d' -e 
> 's/.*Apache\/2\.\([0-9]\)\..*/\1/g'
> 2
> 
> You can check the actual configure script to confirm this:
> 
> bash$ grep -A 2 APACHE2_MINOR_VERSION configure | head -n 3
> APACHE2_MINOR_VERSION="`${APXS2_SBINDIR}/${APXS2_TARGET} -v | \
> sed -e '/^Server version:/!d' \
> -e 's/.*Apache\/2\.\([0-9]\)\..*/\1/g'`"
> 
> andrew
> 
> 
> 
> 
> > 
> > 
> > On Tue, Feb 26, 2013 at 8:02 AM, Boian Mihailov  > (mailto:boian.mihai...@cvalka.com)> wrote:
> > Its cosign-3.2.0, 3.2.0rc2 says the changelog. Still no luck so far with 
> > that. 
> > 
> > 
> > On Mon, Feb 25, 2013 at 9:09 PM, Andrew Mortensen  > (mailto:and...@weblogin.org)> wrote:
> > 
> > On Jan 29, 2013, at 9:33 AM, Boian Mihailov  > (mailto:boian.mihai...@cvalka.com)> wrote:
> > 
> > > Interesting note I can add, is that the same configuration with basic 
> > > auth is working fine. Any clues, greatly appreciated
> > 
> > Revisiting this. What version of mod_cosign are you running? 3.1.2 and up 
> > contain a fix for Apache 2.2 which ensures mod_authz_host is run after 
> > mod_cosign in the filter chain.
> > 
> > andrew
> > 
> > 
> > 
> > > 
> > > 
> > > On Tue, Jan 22, 2013 at 4:27 PM, Boian Mihailov 
> > > mailto:boian.mihai...@cvalka.com)> wrote:
> > > Apache/2.2.14 (Ubuntu 10.04)
> > > 
> > > Module Name: mod_authz_host.c
> > > Content handlers: none
> > > Configuration Phase Participation: Create Directory Config
> > > Request Phase Participation: Check Access
> > > Module Directives:
> > > order - 'allow,deny', 'deny,allow', or 'mutual-failure'
> > > allow - 'from' followed by hostnames or IP-address wildcards
> > > deny - 'from' followed by hostnames or IP-address wildcards
> > > Current Configuration:
> > > In file: /etc/apache2/apache2.conf
> > > 160: 
> > > 161: Order allow,deny
> > > 162: Deny from all
> > > : 
> > > In file: /etc/apache2/mods-enabled/alias.conf
> > > 17: 
> > > 20: Order allow,deny
> > > 21: Allow from all
> > > : 
> > > In file: /etc/apache2/mods-enabled/info.conf
> > > 8: 
> > > 10: Order deny,allow
> > > 11: Deny from all
> > > 12: Allow from localhost ip6-localhost
> > > 14: Allow from 10.10.10.1
> > > : 
> > > In file: /etc/apache2/mods-enabled/status.conf
> > > 8: 
> > > 10: Order deny,allow
> > > 11: Deny from all
> > > 12: Allow from localhost ip6-localhost
> > > : 
> > > In file: /etc/apache2/conf.d/linkchecker
> > > 4: 
> > > 7: Order allow,deny
> > > 8: Allow from all
> > > : 
> > > 11: 
> > > 12: Order deny,allow
> > > 13: Deny from all
> > > 14: Allow from 127.0.0.0/255.0.0.0
> > > 19: Allow from ::1/128
> > > : 
> > > In file: /etc/apache2/conf.d/phpmyadmin.conf
> > > 31: 
> > > 32: Order Deny,Allow
> > > 33: Deny from All
> > > : 
> > > 35: 
> > > 36: Order Deny,Allow
> > > 37: Deny from All
> > > : 
> > > In file: /etc/apache2/sites-enabled/example.com (http://example.com)
> > > 40: 
> > > 94: 
> > > 98: Allow from localhost 10.10.10.1
> > > : 
> > > 116: 
> > > 119: Allow from all
> > > : 
> > > : 
> > > 
> > > 
> > > Cosign module:
> > > 
> > > 94: 
> > > 95: CosignProtected On
> > > : 
> > > 116: 
> > > 118: CosignProtected Off
> > > : 
> > > : 
> > > 
> > > 
> > > --
> > > Best Regards
> > > Boian Mihailov
> > > 
> > > On Tuesday, January 22, 2013 at 3:32 PM, Mark Montague wrote:
> > > 
> > > > On January 19, 2013 9:44 , Boian Mihailov  > > > (mailto:boian.mihai...@cvalka.com)> wrote:
> > > > > No matter what I try, cosign auth always is required. Here is my 
> > > > > config.
> > > > > 
> >

Re: [Cosign-discuss] allow from host on location /

2013-02-26 Thread Andrew Mortensen


On Feb 26, 2013, at 2:27 AM, Boian Mihailov  wrote:

> reviewing the changes in 3.1.2 and the following version. Noticed the 
> following: 
> 
> APACHE2_MINOR_VERSION="`${APXS2_SBINDIR}/${APXS2_TARGET} -v | \
>   sed -e '/^Server version:/!d' \
>   -e 's/.*Apache\/2\.\(@<:@0-9@:>@\)\..*/\1/g'`"
> if test -n "${APACHE2_MINOR_VERSION}"; then
>   if test "${APACHE2_MINOR_VERSION}" -gt 0; then
>   AC_DEFINE(HAVE_MOD_AUTHZ_HOST)
>   fi
> fi
> And executing the command if I got it right: 
> apache2 -v | sed -e '/^Server version:/!d' -e 
> 's/.*Apache\/2\.\(@<:@0-9@:>@\)\..*/\1/g'
> Returns: Server version: Apache/2.2.14 (Ubuntu)
> 
> Not really tested but, first test -n will pass, the second one will not, 
> since it won't accept the string. 

Instead of doing this, why not look at common/config.h to see if 
HAVE_MOD_AUTHZ_HOST is defined?

Regardless, the command you tried isn't how you'd run that command from the 
shell. It's an escaped form that won't cause autoconf parsing problems:



Here's how the command is actually run:

bash$ apache2 -v | sed -e '/^Server version:/!d' -e 
's/.*Apache\/2\.\([0-9]\)\..*/\1/g'
2

You can check the actual configure script to confirm this:

bash$ grep -A 2 APACHE2_MINOR_VERSION configure | head -n 3
APACHE2_MINOR_VERSION="`${APXS2_SBINDIR}/${APXS2_TARGET} -v | \
sed -e '/^Server version:/!d' \
   -e 's/.*Apache\/2\.\([0-9]\)\..*/\1/g'`"

andrew




> 
> 
> On Tue, Feb 26, 2013 at 8:02 AM, Boian Mihailov  
> wrote:
> Its cosign-3.2.0, 3.2.0rc2 says the changelog. Still no luck so far with 
> that. 
> 
> 
> On Mon, Feb 25, 2013 at 9:09 PM, Andrew Mortensen  wrote:
> 
> On Jan 29, 2013, at 9:33 AM, Boian Mihailov  wrote:
> 
> > Interesting note I can add, is that the same configuration with basic auth 
> > is working fine. Any clues, greatly appreciated
> 
> Revisiting this. What version of mod_cosign are you running? 3.1.2 and up 
> contain a fix for Apache 2.2 which ensures mod_authz_host is run after 
> mod_cosign in the filter chain.
> 
> andrew
> 
> 
> 
> >
> >
> > On Tue, Jan 22, 2013 at 4:27 PM, Boian Mihailov  
> > wrote:
> > Apache/2.2.14 (Ubuntu 10.04)
> >
> > Module Name: mod_authz_host.c
> > Content handlers: none
> > Configuration Phase Participation: Create Directory Config
> > Request Phase Participation: Check Access
> > Module Directives:
> > order - 'allow,deny', 'deny,allow', or 'mutual-failure'
> > allow - 'from' followed by hostnames or IP-address wildcards
> > deny - 'from' followed by hostnames or IP-address wildcards
> > Current Configuration:
> > In file: /etc/apache2/apache2.conf
> >  160: 
> >  161:   Order allow,deny
> >  162:   Deny from all
> > : 
> > In file: /etc/apache2/mods-enabled/alias.conf
> >   17: 
> >   20:   Order allow,deny
> >   21:   Allow from all
> > : 
> > In file: /etc/apache2/mods-enabled/info.conf
> >8: 
> >   10:   Order deny,allow
> >   11:   Deny from all
> >   12:   Allow from localhost ip6-localhost
> >   14:   Allow from 10.10.10.1
> > : 
> > In file: /etc/apache2/mods-enabled/status.conf
> >8: 
> >   10:   Order deny,allow
> >   11:   Deny from all
> >   12:   Allow from localhost ip6-localhost
> > : 
> > In file: /etc/apache2/conf.d/linkchecker
> >4: 
> >7:   Order allow,deny
> >8:   Allow from all
> > : 
> >   11: 
> >   12:   Order deny,allow
> >   13:   Deny from all
> >   14:   Allow from 127.0.0.0/255.0.0.0
> >   19:   Allow from ::1/128
> > : 
> > In file: /etc/apache2/conf.d/phpmyadmin.conf
> >   31: 
> >   32:   Order Deny,Allow
> >   33:   Deny from All
> > : 
> >   35: 
> >   36:   Order Deny,Allow
> >   37:   Deny from All
> > : 
> > In file: /etc/apache2/sites-enabled/example.com
> >   40: 
> >   94:   
> >   98: Allow from localhost 10.10.10.1
> > :   
> >  116:   
> >  119: Allow from all
> > :   
> > : 
> >
> >
> > Cosign module:
> >
> >   94:   
> >   95: CosignProtected On
> > :   
> >  116:   
> >  118: CosignProtected Off
> > :   
> > : 
> >
> >
> > --
> > Best Regards
> > Boian Mihailov
> >
> > On Tuesday, January 22, 2013 at 3:32 PM, Mark Montague wrote:
> >
> >> On January 19, 2013 9:44 , Boian Mihailov  
> >> wrote:
> >>> No matter what I try, cosign auth always is required. Here is my config.
> >>>
> >>> [...]
> >>>  
> >>>  CosignProtected On
> >>>  Allow from 10.10.10.1
> >>>  Satisfy any
> >>>  
> >>>
> >>
> >> So, as Russ asked, what version of Apache HTTP Server are you running?  
> >> And what is mod_info showing in terms of the configuration and access 
> >> directive merging?
> >>
> >> --
> >>   Mark Montague
> >>
> >> m...@catseye.org
> >
> >
> >
> >
> > --
> > Best regards
> > Boian Mihailov
> > -

Re: [Cosign-discuss] allow from host on location /

2013-02-25 Thread Boian Mihailov

reviewing the changes in 3.1.2 and the following version. Noticed the
following:

APACHE2_MINOR_VERSION="`${APXS2_SBINDIR}/${APXS2_TARGET} -v | \
  sed -e '/^Server version:/!d' \
  -e 's/.*Apache\/2\.\(@<:@0-9@:>@\)\..*/\1/g'`"
if test -n "${APACHE2_MINOR_VERSION}"; then
  if test "${APACHE2_MINOR_VERSION}" -gt 0; then
  AC_DEFINE(HAVE_MOD_AUTHZ_HOST)
  fi
fi
And executing the command if I got it right:
*apache2 -v | sed -e '/^Server version:/!d' -e 's/.*Apache\/2\.\(@<:@0-9@
:>@\)\..*/\1/g'*
Returns: *Server version: Apache/2.2.14 (Ubuntu)*
*
*
Not really tested but, first test -n will pass, the second one will not,
since it won't accept the string.


On Tue, Feb 26, 2013 at 8:02 AM, Boian Mihailov
wrote:

> Its cosign-3.2.0, 3.2.0rc2 says the changelog. Still no luck so far with
> that.
>
>
> On Mon, Feb 25, 2013 at 9:09 PM, Andrew Mortensen wrote:
>
>>
>> On Jan 29, 2013, at 9:33 AM, Boian Mihailov 
>> wrote:
>>
>> > Interesting note I can add, is that the same configuration with basic
>> auth is working fine. Any clues, greatly appreciated
>>
>> Revisiting this. What version of mod_cosign are you running? 3.1.2 and up
>> contain a fix for Apache 2.2 which ensures mod_authz_host is run after
>> mod_cosign in the filter chain.
>>
>> andrew
>>
>>
>>
>> >
>> >
>> > On Tue, Jan 22, 2013 at 4:27 PM, Boian Mihailov <
>> boian.mihai...@cvalka.com> wrote:
>> > Apache/2.2.14 (Ubuntu 10.04)
>> >
>> > Module Name: mod_authz_host.c
>> > Content handlers: none
>> > Configuration Phase Participation: Create Directory Config
>> > Request Phase Participation: Check Access
>> > Module Directives:
>> > order - 'allow,deny', 'deny,allow', or 'mutual-failure'
>> > allow - 'from' followed by hostnames or IP-address wildcards
>> > deny - 'from' followed by hostnames or IP-address wildcards
>> > Current Configuration:
>> > In file: /etc/apache2/apache2.conf
>> >  160: 
>> >  161:   Order allow,deny
>> >  162:   Deny from all
>> > : 
>> > In file: /etc/apache2/mods-enabled/alias.conf
>> >   17: 
>> >   20:   Order allow,deny
>> >   21:   Allow from all
>> > : 
>> > In file: /etc/apache2/mods-enabled/info.conf
>> >8: 
>> >   10:   Order deny,allow
>> >   11:   Deny from all
>> >   12:   Allow from localhost ip6-localhost
>> >   14:   Allow from 10.10.10.1
>> > : 
>> > In file: /etc/apache2/mods-enabled/status.conf
>> >8: 
>> >   10:   Order deny,allow
>> >   11:   Deny from all
>> >   12:   Allow from localhost ip6-localhost
>> > : 
>> > In file: /etc/apache2/conf.d/linkchecker
>> >4: 
>> >7:   Order allow,deny
>> >8:   Allow from all
>> > : 
>> >   11: 
>> >   12:   Order deny,allow
>> >   13:   Deny from all
>> >   14:   Allow from 127.0.0.0/255.0.0.0
>> >   19:   Allow from ::1/128
>> > : 
>> > In file: /etc/apache2/conf.d/phpmyadmin.conf
>> >   31: 
>> >   32:   Order Deny,Allow
>> >   33:   Deny from All
>> > : 
>> >   35: 
>> >   36:   Order Deny,Allow
>> >   37:   Deny from All
>> > : 
>> > In file: /etc/apache2/sites-enabled/example.com
>> >   40: 
>> >   94:   
>> >   98: Allow from localhost 10.10.10.1
>> > :   
>> >  116:   
>> >  119: Allow from all
>> > :   
>> > : 
>> >
>> >
>> > Cosign module:
>> >
>> >   94:   
>> >   95: CosignProtected On
>> > :   
>> >  116:   
>> >  118: CosignProtected Off
>> > :   
>> > : 
>> >
>> >
>> > --
>> > Best Regards
>> > Boian Mihailov
>> >
>> > On Tuesday, January 22, 2013 at 3:32 PM, Mark Montague wrote:
>> >
>> >> On January 19, 2013 9:44 , Boian Mihailov 
>> wrote:
>> >>> No matter what I try, cosign auth always is required. Here is my
>> config.
>> >>>
>> >>> [...]
>> >>>  
>> >>>  CosignProtected On
>> >>>  Allow from 10.10.10.1
>> >>>  Satisfy any
>> >>>  
>> >>>
>> >>
>> >> So, as Russ asked, what version of Apache HTTP Server are you running?
>>  And what is mod_info showing in terms of the configuration and access
>> directive merging?
>> >>
>> >> --
>> >>   Mark Montague
>> >>
>> >> m...@catseye.org
>> >
>> >
>> >
>> >
>> > --
>> > Best regards
>> > Boian Mihailov
>> >
>> --
>> > Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
>> > MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
>> > with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
>> > MVPs and experts. ON SALE this month only -- learn more at:
>> >
>> http://p.sf.net/sfu/learnnow-d2d___
>> > Cosign-discuss mailing list
>> > Cosign-discuss@lists.sourceforge.net
>> > https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>>
>>
>
>
> --
> Best regards
> Boian Mihailov
>



-- 
Best regards
Boian Mihailov
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Li

Re: [Cosign-discuss] allow from host on location /

2013-02-25 Thread Boian Mihailov

Its cosign-3.2.0, 3.2.0rc2 says the changelog. Still no luck so far with
that.


On Mon, Feb 25, 2013 at 9:09 PM, Andrew Mortensen wrote:

>
> On Jan 29, 2013, at 9:33 AM, Boian Mihailov 
> wrote:
>
> > Interesting note I can add, is that the same configuration with basic
> auth is working fine. Any clues, greatly appreciated
>
> Revisiting this. What version of mod_cosign are you running? 3.1.2 and up
> contain a fix for Apache 2.2 which ensures mod_authz_host is run after
> mod_cosign in the filter chain.
>
> andrew
>
>
>
> >
> >
> > On Tue, Jan 22, 2013 at 4:27 PM, Boian Mihailov <
> boian.mihai...@cvalka.com> wrote:
> > Apache/2.2.14 (Ubuntu 10.04)
> >
> > Module Name: mod_authz_host.c
> > Content handlers: none
> > Configuration Phase Participation: Create Directory Config
> > Request Phase Participation: Check Access
> > Module Directives:
> > order - 'allow,deny', 'deny,allow', or 'mutual-failure'
> > allow - 'from' followed by hostnames or IP-address wildcards
> > deny - 'from' followed by hostnames or IP-address wildcards
> > Current Configuration:
> > In file: /etc/apache2/apache2.conf
> >  160: 
> >  161:   Order allow,deny
> >  162:   Deny from all
> > : 
> > In file: /etc/apache2/mods-enabled/alias.conf
> >   17: 
> >   20:   Order allow,deny
> >   21:   Allow from all
> > : 
> > In file: /etc/apache2/mods-enabled/info.conf
> >8: 
> >   10:   Order deny,allow
> >   11:   Deny from all
> >   12:   Allow from localhost ip6-localhost
> >   14:   Allow from 10.10.10.1
> > : 
> > In file: /etc/apache2/mods-enabled/status.conf
> >8: 
> >   10:   Order deny,allow
> >   11:   Deny from all
> >   12:   Allow from localhost ip6-localhost
> > : 
> > In file: /etc/apache2/conf.d/linkchecker
> >4: 
> >7:   Order allow,deny
> >8:   Allow from all
> > : 
> >   11: 
> >   12:   Order deny,allow
> >   13:   Deny from all
> >   14:   Allow from 127.0.0.0/255.0.0.0
> >   19:   Allow from ::1/128
> > : 
> > In file: /etc/apache2/conf.d/phpmyadmin.conf
> >   31: 
> >   32:   Order Deny,Allow
> >   33:   Deny from All
> > : 
> >   35: 
> >   36:   Order Deny,Allow
> >   37:   Deny from All
> > : 
> > In file: /etc/apache2/sites-enabled/example.com
> >   40: 
> >   94:   
> >   98: Allow from localhost 10.10.10.1
> > :   
> >  116:   
> >  119: Allow from all
> > :   
> > : 
> >
> >
> > Cosign module:
> >
> >   94:   
> >   95: CosignProtected On
> > :   
> >  116:   
> >  118: CosignProtected Off
> > :   
> > : 
> >
> >
> > --
> > Best Regards
> > Boian Mihailov
> >
> > On Tuesday, January 22, 2013 at 3:32 PM, Mark Montague wrote:
> >
> >> On January 19, 2013 9:44 , Boian Mihailov 
> wrote:
> >>> No matter what I try, cosign auth always is required. Here is my
> config.
> >>>
> >>> [...]
> >>>  
> >>>  CosignProtected On
> >>>  Allow from 10.10.10.1
> >>>  Satisfy any
> >>>  
> >>>
> >>
> >> So, as Russ asked, what version of Apache HTTP Server are you running?
>  And what is mod_info showing in terms of the configuration and access
> directive merging?
> >>
> >> --
> >>   Mark Montague
> >>
> >> m...@catseye.org
> >
> >
> >
> >
> > --
> > Best regards
> > Boian Mihailov
> >
> --
> > Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
> > MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
> > with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
> > MVPs and experts. ON SALE this month only -- learn more at:
> >
> http://p.sf.net/sfu/learnnow-d2d___
> > Cosign-discuss mailing list
> > Cosign-discuss@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>
>


-- 
Best regards
Boian Mihailov
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

2013-02-25 Thread Andrew Mortensen


On Jan 29, 2013, at 9:33 AM, Boian Mihailov  wrote:

> Interesting note I can add, is that the same configuration with basic auth is 
> working fine. Any clues, greatly appreciated   

Revisiting this. What version of mod_cosign are you running? 3.1.2 and up 
contain a fix for Apache 2.2 which ensures mod_authz_host is run after 
mod_cosign in the filter chain.

andrew



> 
> 
> On Tue, Jan 22, 2013 at 4:27 PM, Boian Mihailov  
> wrote:
> Apache/2.2.14 (Ubuntu 10.04)
> 
> Module Name: mod_authz_host.c
> Content handlers: none
> Configuration Phase Participation: Create Directory Config
> Request Phase Participation: Check Access
> Module Directives:
> order - 'allow,deny', 'deny,allow', or 'mutual-failure'
> allow - 'from' followed by hostnames or IP-address wildcards
> deny - 'from' followed by hostnames or IP-address wildcards
> Current Configuration:
> In file: /etc/apache2/apache2.conf
>  160: 
>  161:   Order allow,deny
>  162:   Deny from all
> : 
> In file: /etc/apache2/mods-enabled/alias.conf
>   17: 
>   20:   Order allow,deny
>   21:   Allow from all
> : 
> In file: /etc/apache2/mods-enabled/info.conf
>8: 
>   10:   Order deny,allow
>   11:   Deny from all
>   12:   Allow from localhost ip6-localhost
>   14:   Allow from 10.10.10.1
> : 
> In file: /etc/apache2/mods-enabled/status.conf
>8: 
>   10:   Order deny,allow
>   11:   Deny from all
>   12:   Allow from localhost ip6-localhost
> : 
> In file: /etc/apache2/conf.d/linkchecker
>4: 
>7:   Order allow,deny
>8:   Allow from all
> : 
>   11: 
>   12:   Order deny,allow
>   13:   Deny from all
>   14:   Allow from 127.0.0.0/255.0.0.0
>   19:   Allow from ::1/128
> : 
> In file: /etc/apache2/conf.d/phpmyadmin.conf
>   31: 
>   32:   Order Deny,Allow
>   33:   Deny from All
> : 
>   35: 
>   36:   Order Deny,Allow
>   37:   Deny from All
> : 
> In file: /etc/apache2/sites-enabled/example.com
>   40: 
>   94:   
>   98: Allow from localhost 10.10.10.1
> :   
>  116:   
>  119: Allow from all
> :   
> : 
> 
> 
> Cosign module:
> 
>   94:   
>   95: CosignProtected On
> :   
>  116:   
>  118: CosignProtected Off
> :   
> : 
> 
> 
> -- 
> Best Regards 
> Boian Mihailov
> 
> On Tuesday, January 22, 2013 at 3:32 PM, Mark Montague wrote:
> 
>> On January 19, 2013 9:44 , Boian Mihailov  wrote:
>>> No matter what I try, cosign auth always is required. Here is my config.
>>> 
>>> [...]
>>>  
>>>  CosignProtected On
>>>  Allow from 10.10.10.1
>>>  Satisfy any
>>>  
>>> 
>> 
>> So, as Russ asked, what version of Apache HTTP Server are you running?  And 
>> what is mod_info showing in terms of the configuration and access directive 
>> merging?
>> 
>> --
>>   Mark Montague
>>   
>> m...@catseye.org
> 
> 
> 
> 
> -- 
> Best regards
> Boian Mihailov
> --
> Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
> MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
> with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
> MVPs and experts. ON SALE this month only -- learn more at:
> http://p.sf.net/sfu/learnnow-d2d___
> Cosign-discuss mailing list
> Cosign-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss


--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

2013-01-29 Thread Boian Mihailov

Interesting note I can add, is that the same configuration with basic auth
is working fine. Any clues, greatly appreciated


On Tue, Jan 22, 2013 at 4:27 PM, Boian Mihailov
wrote:

> Apache/2.2.14 (Ubuntu 10.04)
>
> *Module Name:* 
> mod_authz_host.c
> *Content handlers:* *none**Configuration Phase Participation:* Create
> Directory Config*Request Phase Participation:* Check Access*Module
> Directives:*order - *'allow,deny', 'deny,allow', or 'mutual-failure'*allow
> - *'from' followed by hostnames or IP-address wildcards*deny - *'from'
> followed by hostnames or IP-address wildcards**Current Configuration:**In
> file: /etc/apache2/apache2.conf* 160:  161:   Order *
> allow,deny* 162:   Deny *from all*: *In file:
> /etc/apache2/mods-enabled/alias.conf*  17:  "/usr/share/apache2/icons">  20:   Order *allow,deny*  21:   Allow *from
> all*: *In file: /etc/apache2/mods-enabled/info.conf*   8: 
>  /server-info>  10:   Order *deny,allow*  11:   Deny *from all*
>   12:   Allow *from localhost ip6-localhost*  14:   Allow *from 10.10.10.1
> *: *In file: /etc/apache2/mods-enabled/status.conf*   8: 
>  /server-status>  10:   Order *deny,allow*  11:   Deny *from all*
>   12:   Allow *from localhost ip6-localhost*: *In file:
> /etc/apache2/conf.d/linkchecker*   4:  "/usr/share/linkchecker/lconline/">   7:   Order *allow,deny*
>8:   Allow *from all*:   11:  "/lconline/lc.cgi">  12:   Order *deny,allow*  13:   Deny *from all*
>   14:   Allow *from 127.0.0.0/255.0.0.0*  19:   Allow *from ::1/128*
> : *In file: /etc/apache2/conf.d/phpmyadmin.conf*  31: 
>  /usr/share/phpmyadmin/libraries>  32:   Order *Deny,Allow*  33:   Deny *from
> All*:   35: 
>   36:   Order *Deny,Allow*  37:   Deny *from All*: *In
> file: /etc/apache2/sites-enabled/example.com*  40:   94:   
>  />  98: Allow *from localhost 10.10.10.1*:116:   
>  /cosign/valid> 119: Allow *from all*:   
> : 
>
> Cosign module:
>   94: 95: CosignProtected *On*:116:   
>  /cosign/valid> 118: CosignProtected *Off*:   
> : 
>
>
> --
> Best Regards
> Boian Mihailov
>
> On Tuesday, January 22, 2013 at 3:32 PM, Mark Montague wrote:
>
>  On January 19, 2013 9:44 , Boian Mihailov 
> wrote:
>
>  No matter what I try, cosign auth always is required. Here is my config.
>
>  [...]
>  
>  CosignProtected On
>  Allow from 10.10.10.1
>  Satisfy any
>  
>
>
> So, as Russ asked, what version of Apache HTTP Server are you running?
> And what is mod_info showing in terms of the configuration and access
> directive merging?
>
> --
>   Mark Montague
>   m...@catseye.org
>
>
>


-- 
Best regards
Boian Mihailov
--
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnnow-d2d___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

2013-01-22 Thread Boian Mihailov

Apache/2.2.14 (Ubuntu 10.04)

Module Name: mod_authz_host.c 
(https://edviso.cvalka.com/server-info?mod_authz_host.c)
Content handlers: none
Configuration Phase Participation: Create Directory Config
Request Phase Participation: Check Access
Module Directives:
order - 'allow,deny', 'deny,allow', or 'mutual-failure'
allow - 'from' followed by hostnames or IP-address wildcards
deny - 'from' followed by hostnames or IP-address wildcards
Current Configuration:
In file: /etc/apache2/apache2.conf
 160: 
 161:   Order allow,deny
 162:   Deny from all
: 
In file: /etc/apache2/mods-enabled/alias.conf
  17: 
  20:   Order allow,deny
  21:   Allow from all
: 
In file: /etc/apache2/mods-enabled/info.conf
   8: 
  10:   Order deny,allow
  11:   Deny from all
  12:   Allow from localhost ip6-localhost
  14:   Allow from 10.10.10.1
: 
In file: /etc/apache2/mods-enabled/status.conf
   8: 
  10:   Order deny,allow
  11:   Deny from all
  12:   Allow from localhost ip6-localhost
: 
In file: /etc/apache2/conf.d/linkchecker
   4: 
   7:   Order allow,deny
   8:   Allow from all
: 
  11: 
  12:   Order deny,allow
  13:   Deny from all
  14:   Allow from 127.0.0.0/255.0.0.0
  19:   Allow from ::1/128
: 
In file: /etc/apache2/conf.d/phpmyadmin.conf
  31: 
  32:   Order Deny,Allow
  33:   Deny from All
: 
  35: 
  36:   Order Deny,Allow
  37:   Deny from All
: 
In file: /etc/apache2/sites-enabled/example.com
  40: 
  94:   
  98: Allow from localhost 10.10.10.1
:   
 116:   
 119: Allow from all
:   
: 


Cosign module:

  94:   
  95: CosignProtected On
:   
 116:   
 118: CosignProtected Off
:   
: 



-- 
Best Regards 
Boian Mihailov



On Tuesday, January 22, 2013 at 3:32 PM, Mark Montague wrote:

> On January 19, 2013 9:44 , Boian Mihailov  
> (mailto:boian.mihai...@cvalka.com) wrote:
> > No matter what I try, cosign auth always is required. Here is my config. 
> > 
> > [...]
> >  
> > CosignProtected On
> > Allow from 10.10.10.1
> > Satisfy any
> > 
> > 
> 
> So, as Russ asked, what version of Apache HTTP Server are you running?  And 
> what is mod_info showing in terms of the configuration and access directive 
> merging?
> 
> -- Mark Montague m...@catseye.org (mailto:m...@catseye.org) 

--
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnnow-d2d___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

2013-01-22 Thread Mark Montague


On January 19, 2013 9:44 , Boian Mihailov  wrote:

No matter what I try, cosign auth always is required. Here is my config.

[...]

CosignProtected On
Allow from 10.10.10.1
Satisfy any




So, as Russ asked, what version of Apache HTTP Server are you running?  
And what is mod_info showing in terms of the configuration and access 
directive merging?


--
  Mark Montague
  m...@catseye.org

--
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnnow-d2d___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

2013-01-19 Thread Russ Allbery

Boian Mihailov  writes:

> No matter what I try, cosign auth always is required. Here is my config. 

> 
> CosignProtected On
> Allow from 10.10.10.1
> Satisfy any
> 

Are you by any chance using Apache 2.4?  Apache 2.4 deprecates the "allow
from" syntax in favor of the new stackable authorization schemes and,
depending on your base Apache configuration, "allow from" may no longer do
anything.

If you're running Apache 2.4, make sure that mod_authz_host is enabled and
see if:

Require ip 10.10.10.1

instead of "allow from" and "satisfy any".

For more information, see:

http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#require

(Note that I only know about this because I ran into a similar problem
with WebAuth, and I'm not as familiar with Cosign and don't know for
certain how the new 2.4 authorization support interacts with
CosignProtected.  So I may be barking up entirely the wrong tree.)

-- 
Russ Allbery (r...@stanford.edu) 

--
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122912
___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

2013-01-19 Thread Boian Mihailov

No matter what I try, cosign auth always is required. Here is my config. 


ServerName wiki.example.com
DocumentRoot /opt/wiki
SSLEngine on
SSLCertificateFile/certs/example.com.crt
SSLCertificateKeyFile /certs/example.com.key
SSLCACertificateFile  /certs/example.com.ca

CosignProtected Off
CosignHostname  sso.example.com
CosignValidReference.*
CosignCheckIP never
CosignAllowValidationRedirect On
CosignValidationErrorRedirect https://sso.example.com/
CosignRedirect  https://sso.example.com/
CosignPostErrorRedirect https://sso.example.com/cosign/post_error.html
CosignCrypto /etc/cosign/certs/mod_cosign.key /etc/cosign/certs/mod_cosign.crt 
/etc/cosign/certs/CA
CosignRequireFactor ldap
CosignService wiki


CosignProtected On
Allow from 10.10.10.1
Satisfy any


SetHandler cosign
CosignProtected Off
Allow from all
Satisfy any




-- 
Best Regards 
Boian Mihailov



On Thursday, January 10, 2013 at 3:09 PM, Mark Montague wrote:

> On January 10, 2013 5:28 , Boian Mihailov  (mailto:boian.mihai...@cvalka.com)> wrote:
> > Hi everyone, i just finished the test install as described in the 
> > wiki. It works great.
> > I wanted to ask if it is possible to have something like this:
> > 
> > 
> > AllowOverride All
> > Order deny,allow
> > Allow from 192.168.0.100 127.0.0.1
> > Satisfy any
> > 
> > 
> > To allow certain addresses bypass CosignProtected On that is set on 
> > VirtualHost context.
> > 
> 
> 
> Yes. I've done this several times in the past, and I just tried it 
> again now (Apache HTTPD 2.2.15 + mod_cosign 3.2.0 under RHEL 6 64-bit) 
> and it worked fine.
> 
> If you encounter problems, it might be due to merging of configuration 
> sections. In this case, use mod_info to help troubleshoot the issue, 
> and/or make sure you specify a complete set of access control directives 
> in each affected context.
> 
> --
> Mark Montague
> m...@catseye.org (mailto:m...@catseye.org)
> 
> 
> --
> Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
> MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
> with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
> MVPs and experts. ON SALE this month only -- learn more at:
> http://p.sf.net/sfu/learnmore_122712
> ___
> Cosign-discuss mailing list
> Cosign-discuss@lists.sourceforge.net 
> (mailto:Cosign-discuss@lists.sourceforge.net)
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
> 
> 


--
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122912___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

2013-01-10 Thread Mark Montague

On January 10, 2013 5:28 , Boian Mihailov  wrote:
> Hi everyone, i just finished the test install as described in the 
> wiki. It works great.
> I wanted to ask if it is possible to have something like this:
>
> 
> AllowOverride All
> Order deny,allow
> Allow from 192.168.0.100 127.0.0.1
> Satisfy any
> 
>
> To allow certain addresses bypass CosignProtected On that is set on 
> VirtualHost context.

Yes.  I've done this several times in the past, and I just tried it 
again now (Apache HTTPD 2.2.15 + mod_cosign 3.2.0 under RHEL 6 64-bit) 
and it worked fine.

If you encounter problems, it might be due to merging of configuration 
sections.  In this case, use mod_info to help troubleshoot the issue, 
and/or make sure you specify a complete set of access control directives 
in each affected context.

--
   Mark Montague
   m...@catseye.org

--
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122712
___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

Re: [Cosign-discuss] allow from host on location /

11 matches

Site Navigation

Mail list logo

Footer information