RE: [DIGEST] mod_perl digest 12/10/2000
yack... sorry guys, hope I didn't offend anyone. I really have to stop doing these monday morning... mailing list highlights o Although everyone ought to know by now that Apache 1.3.14 requires should have been... o There were several threads discussing benchmarking this week: Apache::Session [10] Template Toolkit [11] Hello World 2000 [12] again, my humble apologies... --Geoff
Re: Unset PerlAuthenHandler (I wish)
Jeff Sheffield ([EMAIL PROTECTED]) said something to this effect on 12/18/2000: here is a portion of my conf file. -- Location /websites/foo.net/htdocs/ AuthName "foo" AuthType Basic *snip* Are you sure you want a Location here? This looks like it should be a Directory section... (darren) -- The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at or repair. -- Douglas Adams, 'Mostly Harmless'
Re: Unset PerlAuthenHandler (I wish)
Essentially I want to do this. Unset PerlAuthenHandler Try: LocationMatch /websites/foo.net/htdocs/passwd_forgoten/ PerlInitHandler "sub {$_[0]-set_handlers(PerlAuthenHandler=undef);}" /LocationMatch I think this should be: ... set_handlers(PerlAuthenHandler = [\OK]); -- Eric
RE: Unset PerlAuthenHandler (I wish)
Removes all PerlAuthenHandlers: LocationMatch /websites/foo.net/htdocs/passwd_forgoten/ PerlInitHandler "sub {$_[0]-set_handlers(PerlAuthenHandler=undef);}" /LocationMatch Creates a single PerlAuthenHandler whose sole function is to return OK. I think this should be: ... set_handlers(PerlAuthenHandler = [\OK]); Both work, but why set up a handler that does nothing?
Problem in loading Apache::DBI
I get following error when i do perl -e 'use Apache::Status;use Apache::DBI' Can't locate object method "module" via package "Apache" at /usr/lib/perl5/site_perl/5.6.0/Apache/DBI.pm line 202. Compilation failed in require at -e line 1. BEGIN failed--compilation aborted at -e line 1. the problem is when preparing menu_item for Apache::Status method module is not found under Apache, do i have to install some other Apache module? anyway i commented out the if part and made it work like Apache::Status->menu_item( 'DBI' => 'DBI connections', sub { my($r, $q) = @_; my(@s) = qw(TABLE>TR>TD>Datasource/TD>TD>Username/TD>/TR>); for (keys %Connected) { push @s, 'TR>TD>', join('/TD>TD>', (split($;, $_))[0,1]), "/TD>/TR>\n"; } push @s, '/TABLE>'; return \@s; } ); # ) if ($INC{'Apache.pm'} and Apache->module('Apache::Status')); is it correct ? why shouldn't it load without any modifications ? Regards Mallah -- Rajesh Kumar Mallah, Learning Universe Pvt. Ltd, Piccadily House, 4th Floor, 275-276, Capt. Gaur Marg, Okhla, Sriniwas puri, New Delhi 110 065. M : +919811255597 T : 91-11 6931601-04 W : http://www.egurucool.com E : [EMAIL PROTECTED]
Re: Apache::Session::MySQL question regarding lenght of _session_id
On Mon, 18 Dec 2000, Andreas Marienborg wrote: I just can't seem to find any info on how to specify that Apache::Session should create session_id's that are shorter than 32 hex chars? could someone point me in the right direction?? You can use the argument 'IDLength' when using Apache::Session::Generate::MD5 (the default), or you can replace that class with your own class to generate the IDs you desire. See the obscure Apache::Session::Generate::MD5 perldoc. -jwb
Re: fork inherits socket connection
Yes, yes, yes it was a bad suggestion. Sorry about that. I still didn't complete this section, looking for a clean solution to find a way to close only the fd that keeps the socket busy. So far you can use the closing fds in loop -- at least it works. yuck... you'd either have to find some way to extract that information directly from apache, or loop through all the file descriptors calling getsockname() and then close any descriptor connected to port 80/443/? (depends how your daemon is setup, if you've got multiple Listen statements you will have to close multiple sockets ... but normally it would just be one or two (port 0.0.0.0:80 and/or 0.0.0.0:443) -- [EMAIL PROTECTED] | Don't go around saying the world owes you a living; http://BareMetal.com/ | the world owes you nothing; it was here first. web hosting since '95 | - Mark Twain
Re: fork inherits socket connection
On Tue, 19 Dec 2000, Tom Brown wrote: Yes, yes, yes it was a bad suggestion. Sorry about that. I still didn't complete this section, looking for a clean solution to find a way to close only the fd that keeps the socket busy. So far you can use the closing fds in loop -- at least it works. yuck... you'd either have to find some way to extract that information directly from apache, or loop through all the file descriptors calling getsockname() and then close any descriptor connected to port 80/443/? (depends how your daemon is setup, if you've got multiple Listen statements you will have to close multiple sockets ... but normally it would just be one or two (port 0.0.0.0:80 and/or 0.0.0.0:443) The Apache API ap_note_cleanups_for_socket(p, s); does that, I'm trying to work this out with Apache::SubProcess. It works if you call system/exec, but I'm still looking to make it working with code running within fork without calling any variant of execve. I'll keep your posted, so far you have at least one working solution, even not the nicest one. _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
HTTP authentication based sessioning with logout ability
Hi there. I've been trying to write a system to perform authentication using the www-authenticate (http authenatication) method. However, I need a client visiting the page and having been authenticated to be able to logout and have their browser forget the information (or at least be able to force the browser to re-authenticate within the same browser session). As most browsers cache login details (sensibly - you don't want to enter your login details for each page you visit) the best system I can think of is to use dynamic realms. This would mean that when someone first visits the site, they will be given a random/sequential realm. When they then click on a logout button, the old realm is discarded, and if the browser tries to authenticate with the same realm it is refused (or alternatively the server just starts sending a different realm and the browser re-authenticates on the new realm). Significantly, the system needs to be accessible by several people simultaneously. The purpose is actually to allow someone accessing the site to log in, be served dynamic content on the basis of username (which I'm already doing), but have the option to log out and then back in as a different user. I've been looking at different ways to do this, but haven't had any sucess as of yet. My first attempt was to use the module mod_auth_external to deal with authentication using a perl script (which would allow me to arbitrarily refuse login details even if they are correct, on the basis of other details such as realm). This is my preferable method (mainly because I understand it), but it seems that there's no way to integrate the realm into the auth_external system. This means that although I could refuse a username and password, I can't change the realm dynamically, and so I can't force the browser to re-authenticate (and without the realm information being passed to the script, I don't know if a visitor has re-authenticated with the same username or if their browser has simply sent the cached copy of the details). After searching around for methods of dynamically assigning an authname, I stumbled across mod_perl. I've never in my life even looked at mod_perl (and I don't really understand object-oriented perl, I'm sorry to say - I came from a BASIC background - in more ways than one apparently). I also found an example script for assigning dynamic realms, but haven't been able to get it to work. I have only been trying for a day, and I know it's bad of me to resort to a mailing list after such a short space of time, but I've trawled the Web for as much information as I can find but with no success. The example mod_perl script I found was as follows: From http://www.davin.ottawa.on.ca/archive/modperl/2000-09/msg00839.phtml # Here's a simple handler that will set the AuthType and AuthName dynamically and handle the authentication for you. This handler will prompt you for a password when you try to acess /manual with the AuthName, "The Manual" and prompt with the AuthName "The Icons" when you try to access /icons. These urls are part of Apaches basic installation (that's if you did not remove the manual from your htdocs directory). The authentication phase will let you in just as long you supply a username and password. You can of course code such that it you can authenicate against a .htpassword file, using Apache::Htpasswd. Anyhow, this should show you that you can indeed change the AuthName on-the-fly and also handle authentication without having to include AuthName,AuthType,AuthUserFile explicitly in your httpd.conf. Note: the authentication subroutine acted flaky, sometimes it worked and other times it didn't. But the realms did change for the each uri. i hope this helps youhave fun ;) Setting it up: In your httpd.conf ( in a global area): PerlHeaderParserHandler Apache::SetRealm; =code package Apache::SetRealm; use Apache; use Apache::Constants qw(:common); sub handler { my $r = shift; ## Make Apache aware the we want to also handle the Authentication phase using a custom ## handler, in this case the subroutine authenticate() $r-push_handlers(PerlAuthenHandler = \authenticate); my $uri = $r-uri; ## only handle uri that are defined as protected, in this case the only protected ## uri's are /icons and /manuals return OK unless is_protected($r); my $realm = get_realm($r); ## Construct the Header Field containing the type of authenticate (Basic) and our ## realmname return by get_realm() my $authheader = 'Basic realm="'.$realm.'"'; $r-header_out("WWW-Authenticate" ,$authheader); ## Return 401 to browser and prompt for login $r-status(AUTH_REQUIRED); $r-send_http_header("text/html"); return AUTH_REQUIRED; } sub get_realm { ## Get the AuthName for a specific uri. You can probably read these off of a file that
Re: HTTP authentication based sessioning with logout ability
Hi there, On Tue, 19 Dec 2000 [EMAIL PROTECTED] wrote: [Reams and reams of stuff snipped, without apology] Basically I was hoping someone could point me in the right direction for what to try next. http://perl.apache.org/guide [more reams snipped] I know it's bad of me to resort to a mailing list after such a short space of time, Yup. but I've trawled the Web for as much information as I can find but with no success. [final snip] Try trawling some more on perl.apache.org and maybe CPAN... 73, Ged.
RE: HTTP authentication based sessioning with logout ability
-Original Message- From: G.W. Haywood [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 19, 2000 1:38 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: HTTP authentication based sessioning with logout ability Hi there, On Tue, 19 Dec 2000 [EMAIL PROTECTED] wrote: [Reams and reams of stuff snipped, without apology] I'd append to Ged's comments with: The Eagle book is your friend - the answer to return OK if $r-sub_request; [Tue Dec 19 17:32:04 2000] [error] Can't locate object method "sub_request" via package "Apache" at /usr/lib/perl5/5.6.0/i386-linux/raxware/AssignRealm.pm line 85. can be found within (hint, there's no sub_request() method, and had you read Doug's follow-up to the post you sent you would have seen that :) in fact, you don't have to even buy the book - convienently http://www.modperl.com/book/chapters/ch6.html is online and contains the answers you crave (but supporting Doug's hard work and smarts is, well, smart - just go buy it) in general, though, you'd be better off using shrink-wrapped stuff from CPAN (such as the many Apache::Auth* modules that are out there.) especially if you don't have the time to learn all the nuances of what is going on... good luck and welcome to the community... --Geoff
Re: HTTP authentication based sessioning with logout ability
I would think that non-persistent cookies would be the ticket. Certainly dynamic realms would accomplish what you want, but really all your doing is using the realm like a cookie. Cookies have a number of advantages. For one thing, they're reasonably straight forward to manage. Secondly, you can encrypt a timestamp on a cookie. And that's important because WEB users are notoriously bad at remembering to logout. The value of the timestamp is that it can become an idle timeout mechanism, so even if a user goes away and then comes back later, he or she has been logged out just based on inactivity. -- Rob --On Tuesday, December 19, 2000 06:28:16 PM + [EMAIL PROTECTED] wrote: Hi there. I've been trying to write a system to perform authentication using the www-authenticate (http authenatication) method. However, I need a client visiting the page and having been authenticated to be able to logout and have their browser forget the information (or at least be able to force the browser to re-authenticate within the same browser session). As most browsers cache login details (sensibly - you don't want to enter your login details for each page you visit) the best system I can think of is to use dynamic realms. This would mean that when someone first visits the site, they will be given a random/sequential realm. When they then click on a logout button, the old realm is discarded, and if the browser tries to authenticate with the same realm it is refused (or alternatively the server just starts sending a different realm and the browser re-authenticates on the new realm). Significantly, the system needs to be accessible by several people simultaneously. The purpose is actually to allow someone accessing the site to log in, be served dynamic content on the basis of username (which I'm already doing), but have the option to log out and then back in as a different user. I've been looking at different ways to do this, but haven't had any sucess as of yet. My first attempt was to use the module mod_auth_external to deal with authentication using a perl script (which would allow me to arbitrarily refuse login details even if they are correct, on the basis of other details such as realm). This is my preferable method (mainly because I understand it), but it seems that there's no way to integrate the realm into the auth_external system. This means that although I could refuse a username and password, I can't change the realm dynamically, and so I can't force the browser to re-authenticate (and without the realm information being passed to the script, I don't know if a visitor has re-authenticated with the same username or if their browser has simply sent the cached copy of the details). After searching around for methods of dynamically assigning an authname, I stumbled across mod_perl. I've never in my life even looked at mod_perl (and I don't really understand object-oriented perl, I'm sorry to say - I came from a BASIC background - in more ways than one apparently). I also found an example script for assigning dynamic realms, but haven't been able to get it to work. I have only been trying for a day, and I know it's bad of me to resort to a mailing list after such a short space of time, but I've trawled the Web for as much information as I can find but with no success. The example mod_perl script I found was as follows: From http://www.davin.ottawa.on.ca/archive/modperl/2000-09/msg00839.phtml # Here's a simple handler that will set the AuthType and AuthName dynamically and handle the authentication for you. This handler will prompt you for a password when you try to acess /manual with the AuthName, "The Manual" and prompt with the AuthName "The Icons" when you try to access /icons. These urls are part of Apaches basic installation (that's if you did not remove the manual from your htdocs directory). The authentication phase will let you in just as long you supply a username and password. You can of course code such that it you can authenicate against a .htpassword file, using Apache::Htpasswd. Anyhow, this should show you that you can indeed change the AuthName on-the-fly and also handle authentication without having to include AuthName,AuthType,AuthUserFile explicitly in your httpd.conf. Note: the authentication subroutine acted flaky, sometimes it worked and other times it didn't. But the realms did change for the each uri. i hope this helps youhave fun ;) Setting it up: In your httpd.conf ( in a global area): PerlHeaderParserHandler Apache::SetRealm; =code package Apache::SetRealm; use Apache; use Apache::Constants qw(:common); sub handler { my $r = shift; ## Make Apache aware the we want to also handle the Authentication phase using a custom ## handler, in this case the subroutine authenticate()
Take23 expected downtime
Take23 will be down today for a supposed 30 minutes due to a firmware update at my ISP. Expect it to take longer than that though :-) I don't have an exact time when they'll be doing it either, so please be patient if you can't connect today. Thanks. -- Matt/ /||** Director and CTO ** //||** AxKit.com Ltd ** ** XML Application Serving ** // ||** http://axkit.org ** ** XSLT, XPathScript, XSP ** // \\| // ** Personal Web Site: http://sergeant.org/ ** \\// //\\ // \\
Re: HTTP authentication based sessioning with logout ability
I have also been doing problem solving related to session handling and I will briefly share my ideas for a solution. What I am about to say is just the logic or protocol behind my solution without getting into implementation details. I don't know if it'll help you, but here goes: Essentially I had a server-side data store that tracked 4 pieces of information on a client session for authentication purposes: 1. session code or login name (primary key) 2. the "realm"/cookie that the client got on the last log in 3. the date and time of their last log in or request 4. the IP address (or something) of the client machine when last logged in The above information is checked each time the client makes a request. If any is not acceptible then they are prompted for their user id and password again. "acceptible" means that the realm and IP are the same as before, and that less than a certain amount of time passed since they were prompted for a password. If users log out then the "realm" is reset to nil so that they would have to be prompted on a log-in later. HTTP authentication can be used to gather the login name and password, or an html form could be used (greater compatability). It doesn't really matter. The back-end data store also remembered the cumulative effect of whatever users did during the session, so it doesn't all need to be passed back and forth by the browser. So if the web browser crashes or they move to another computer or their session times out, all they have to do is answer the new prompt for a username/password and they can continue right where they left off. This also means that their short-term workflow is remembered, so they have the same screen they left with. The actual commitment of their changes is only done at certain times, such as when they request to save changes. Meanwhile, the actual back-end data isn't left in a volatile state. I think that my solution has advantages of convenience, security, data integrity, compatability and so forth. Also, web browsers have very little that they need to remember. The catch is that users need to have login ids and passwords, and that their activity is tracked by the server (at least short term). But my solution was designed for users who were registered and approved to edit the database, not anonymous individuals. Although, this methodology could still be adapted for anonymous uses... FYI: My requirements were to facilitate a web-accessible resource that could be edited by multiple registered people at once, and as such, each person would have their own login name and password. Fairly standard so far, right? But in addition to that, it needed to let them do their work at a public station or office where the same user could be sitting at several different computers in one day, and several people could use the same computer. Additionally, an editing task could be either simple or quite involved, meaning that the user may have to abandon their session and continue where they left off later. I needed precautions against the browser crashing or it being left open after the user leaves for others to see. Finally, the edited information would be hierarchical, often requiring multiple screens, as well as going up a path and then returning, with what they did up the path being remembered. The same user may even want to edit several unrelated pieces of information at once, doing first one, then stopping and doing something else, and then returning to what they were doing before. Now, I don't know if any of this has helped you or not, but it certainly has helped me. Good days, // Darren Duncan
Re: fork inherits socket connection
Below is a solution to this problem: * fork the long running process from mod_perl * and be able to restart the server o without killing this process o without this process keeping the socket busy and thus preventing the server restart Thanks to Doug for the hint. You need to patch Apache::SubProcess (CPAN): --- SubProcess.xs.orig Sat Sep 25 19:17:12 1999 +++ SubProcess.xs Tue Dec 19 21:03:22 2000 @@ -103,6 +103,14 @@ XPUSHs(io_hook(ioep, io_hook_read)); } + +void +ap_cleanup_after_fork(r) +Apache r + +CODE: +ap_cleanup_for_exec(); + int ap_call_exec(r, pgm=r-filename) Apache r which makes the new method available: cleanup_after_fork() This is the clean test case that shows that the conditions are fulfilled properly: use strict; use POSIX 'setsid'; use Apache::SubProcess; my $r = shift; $r-send_http_header("text/plain"); $SIG{CHLD} = 'IGNORE'; defined (my $kid = fork) or die "Cannot fork: $!\n"; if ($kid) { print "Parent $$ has finished, kid's PID: $kid\n"; } else { $r-cleanup_after_fork(); chdir '/'or die "Can't chdir to /: $!"; open STDIN, '/dev/null' or die "Can't read /dev/null: $!"; open STDOUT, '/dev/null' or die "Can't write to /dev/null: $!"; open STDERR, '/tmp/log' or die "Can't write to /tmp/log: $!"; setsid or die "Can't start a new session: $!"; local $|=1; warn "started\n"; # do something time-consuming sleep 1, warn "$_\n" for 1..20; warn "completed\n"; # we want the process to be terminated, Apache::exit() won't # terminate the process CORE::exit(0); } both processes are completely idependent now. Watch the /tmp/log as the forked process works, while you can restart the server. When I'll complete the rewrite of this section I'll post it all, with the solutions for exec/system as well (using Apache::SubProcess of course). And just a note, you always need setsid, so the server won't kill the spawned process when the server restarts. More cases/explanations to come soonish. Thanks to those who have raised this problem. _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: HTTP authentication based sessioning with logout ability
At 06:28 PM 12/19/00 +, you wrote: Hi there. I've been trying to write a system to perform authentication using the www-authenticate (http authenatication) method. However, I need a client visiting the page and having been authenticated to be able to logout and have their browser forget the information (or at least be able to force the browser to re-authenticate within the same browser session). There are two phases of Apache user authorization, namely, authentication and authorization. I think that you need to set a flag when the user logs-out to force authorization to reject requests and force a new login (which would then clear the flag on success). The flag could also be tied to a timer such that if no request was received after a defined time span, the flag could be set for that user. This approach would not require a cookie. I have never done this, but it should work.
Apache::ASP
I've run into a problem with the examples (eg). I downloaded, ran the Makefile.pl and the make and make install all of those work then copied the eg directory under the www directory for the webserver edited the httpd.conf file to change AllowOverride from None to All then restarted and tried to go to the examples directory -- Internal Server Error. The logs show the particular error, thinking it was a problem with MD5 I tried to install it, it was up to date so did a clean then installed it over and it still gave same error. If you have any ideas please throw them at me. [Tue Dec 19 17:55:44 2000] [error] Can't locate Digest/Perl/MD5.pm in @INC (@INC contains: /usr/libdata/perl/5.00503/mach /usr/libdata/perl/5.00503 /usr/local/lib/perl5/site_perl/5.005/i386-freebsd /usr/local/lib/perl5/site_perl/5.005 . /usr/local/etc/apache/ /usr/local/etc/apache/lib/perl) at /usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Digest/MD5.pm line 20. BEGIN failed--compilation aborted at /usr/local/lib/perl5/site_perl/5.005/Apache/ASP.pm line 13. [Tue Dec 19 17:55:44 2000] [error] Undefined subroutine Apache::ASP::handler called. Thanks -Shane Reid
Re: Apache::ASP
On Tue, 19 Dec 2000, Shane Reid wrote: I've run into a problem with the examples (eg). I downloaded, ran the Makefile.pl and the make and make install all of those work then copied the eg directory under the www directory for the webserver edited the httpd.conf file to change AllowOverride from None to All then restarted and tried to go to the examples directory -- Internal Server Error. The logs show the particular error, thinking it was a problem with MD5 I tried to install it, it was up to date so did a clean then installed it over and it still gave same error. If you have any ideas please throw them at me. [Tue Dec 19 17:55:44 2000] [error] Can't locate Digest/Perl/MD5.pm in @INC cauze it looks for Digest/Perl/MD5.pm -- grep the code for: Digest::Perl::MD5 looks like a typo to me (@INC contains: /usr/libdata/perl/5.00503/mach /usr/libdata/perl/5.00503 /usr/local/lib/perl5/site_perl/5.005/i386-freebsd /usr/local/lib/perl5/site_perl/5.005 . /usr/local/etc/apache/ /usr/local/etc/apache/lib/perl) at /usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Digest/MD5.pm line 20. BEGIN failed--compilation aborted at /usr/local/lib/perl5/site_perl/5.005/Apache/ASP.pm line 13. [Tue Dec 19 17:55:44 2000] [error] Undefined subroutine Apache::ASP::handler called. Thanks -Shane Reid _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: Apache::ASP
Stas Bekman wrote: On Tue, 19 Dec 2000, Shane Reid wrote: to the examples directory -- Internal Server Error. The logs show the particular error, thinking it was a problem with MD5 I tried to install it, it was up to date so did a clean then installed it over and it still gave same error. If you have any ideas please throw them at me. [Tue Dec 19 17:55:44 2000] [error] Can't locate Digest/Perl/MD5.pm in @INC cauze it looks for Digest/Perl/MD5.pm -- grep the code for: Digest::Perl::MD5 I've never heard of it either, try doing a forced install of Digest::MD5 or a force install of MD5, which should result in the same thing. The Digest::MD5 package provides the deprecated interface for MD5 now. --Josh _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051
[ANNOUNCE] Apache::Filter 1.016
The URL http://forum.swarthmore.edu/~ken/modules/archive/Apache-Filter-1.016.tar.gz has entered CPAN as file: $CPAN/authors/id/K/KW/KWILLIAMS/Apache-Filter-1.016.tar.gz size: 22598 bytes md5: bff9089882d3f9834fafa1822a4f37f6 Changes since 1.014: Noted dependency on mod_perl 1.24_01. Fixed a bug in Apache::RegistryFilter that caused a crash when handler() was called as a function instead of a method. [[EMAIL PROTECTED]] ------ Ken Williams Last Bastion of Euclidity [EMAIL PROTECTED]The Math Forum
recommendation for image server with modperl
Hi, I've been catching up on the modperl list archives, and would just like to recommend "mathopd" as an image web server. After having difficulties with the sheer number of front end apache processes necessary to handle 10 backend modperls, (difficulties: high load average and load spikes, kernel time wasted scheduling lots of httpds, higher than expected latency on simple requests), I switched all images to another IP address on the same box (extending their IMG SRC somewhat obviously), but now served by mathopd. Mathopd is a simple select based, http 1.1 (keep alive) compliant tiny webserver that is very configurable. I was doubtful that it would hold up (it comes with zero documentation .. the docs say "read the source"). But it has not crashed *once*, and its very nice to see just one 22mb process with 500+ minutes of cpu time (for several weeks of work), and have images come in fast and reliably. It uses select and as many file handles for a proc as you have. If load increases beyond (say) your limit of 1024 fds, it re-uses currently unused but kept-alive fds, meaning a graceful degradation. It is also exceedingly fast, much faster than apache serving images (that doesnt matter, but it does mean its frugal with your CPU). Of course I still have 120+ apache httpds (now just being front end for *page* requests), and my wish is that mathopd would add proxy and regexp rewrite capability, then I could do away with apache completely on the front end !! or I guess apache2 with mod_rewrite and mod_proxy would solve that, at the risk of thread related teething problems. Just a recommendation from left field. -Justin
Re: recommendation for image server with modperl
Tell me more... How about memory leaks mod_perl issues? Justin wrote: Hi, I've been catching up on the modperl list archives, and would just like to recommend "mathopd" as an image web server. After having difficulties with the sheer number of front end apache processes necessary to handle 10 backend modperls, (difficulties: high load average and load spikes, kernel time wasted scheduling lots of httpds, higher than expected latency on simple requests), I switched all images to another IP address on the same box (extending their IMG SRC somewhat obviously), but now served by mathopd. Mathopd is a simple select based, http 1.1 (keep alive) compliant tiny webserver that is very configurable. I was doubtful that it would hold up (it comes with zero documentation .. the docs say "read the source"). But it has not crashed *once*, and its very nice to see just one 22mb process with 500+ minutes of cpu time (for several weeks of work), and have images come in fast and reliably. It uses select and as many file handles for a proc as you have. If load increases beyond (say) your limit of 1024 fds, it re-uses currently unused but kept-alive fds, meaning a graceful degradation. It is also exceedingly fast, much faster than apache serving images (that doesnt matter, but it does mean its frugal with your CPU). Of course I still have 120+ apache httpds (now just being front end for *page* requests), and my wish is that mathopd would add proxy and regexp rewrite capability, then I could do away with apache completely on the front end !! or I guess apache2 with mod_rewrite and mod_proxy would solve that, at the risk of thread related teething problems. Just a recommendation from left field. -Justin -- BLH www.RentZone.org
Re: recommendation for image server with modperl
On Tue, 19 Dec 2000, Justin wrote: I've been catching up on the modperl list archives, and would just like to recommend "mathopd" as an image web server. I think you'll find thttpd (http://www.acme.com/software/thttpd/) faster and somewhat better documented. However, I'd like to point out that we've had no problems using Apache as an image server. We need the ability to serve HTTPS images, which mathopd and thttpd can't do, but more than that we've found the performance to be more than good enough with a stripped down Apache server. After having difficulties with the sheer number of front end apache processes necessary to handle 10 backend modperls, (difficulties: high load average and load spikes, kernel time wasted scheduling lots of httpds, higher than expected latency on simple requests) Load averages are tricky beasts. The load can get high on our machines when many processes are running, but it doesn't seem to mean much: almost no CPU is being used, the network is not saturated, the disk is quiet, response is zippy, etc. This leads me to think that these load numbers are not significant. Select-based servers are very cool though, and a good option for people who don't need SSL and want to squeeze great performance out of budget hardware. - Perrin
RE: Apache::Compress patch
Hi Geoff, Does the following patch work just as well for you? I'm trying to keep using $r-send_fd if at all possible when we're not compressing. === --- Compress.pm 2000/11/05 05:36:46 1.3 +++ Compress.pm 2000/12/20 04:34:35 @@ -34,14 +34,24 @@ } return SERVER_ERROR unless $fh; + my $buff; + unless (defined read($fh, $buff, 300)) { +$r-log_error("Can't read from filehandle '$fh': $!"); +return SERVER_ERROR; + } + + return DECLINED unless length $buff; + $can_gzip = 0 if eof($fh); + if ($can_gzip) { $r-content_encoding('gzip'); $r-send_http_header; local $/; -print Compress::Zlib::memGzip($fh); +print Compress::Zlib::memGzip($buff . $fh); } else { $r-send_http_header; -$r-send_fd($fh); +print $buff; +$r-send_fd($fh) unless eof($fh); } return OK; === I'll trust the mod_gzip docs that 300 is a reasonable limit. Thanks for the patch. [EMAIL PROTECTED] (Geoffrey Young) wrote: From: Geoffrey Young [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 14, 2000 8:34 AM To: 'Ken Williams' Cc: '[EMAIL PROTECTED]' Subject: Apache::Compress patch hi ken... something has been bugging me in Apache::Compress for a while now - it _always_ tries to compress output. [snip] whoops on that patch... it didn't print filtered output that was less than 300 characters *doh*. This should do the trick (against Compress.pm 1.003)... --Geoff --- Compress.pm.old Thu Dec 14 08:22:15 2000 +++ Compress.pm Mon Dec 18 15:29:26 2000 @@ -35,10 +35,23 @@ return SERVER_ERROR unless $fh; if ($can_gzip) { -$r-content_encoding('gzip'); -$r-send_http_header; local $/; -print Compress::Zlib::memGzip($fh); +local $^W; # length() gives an uninitialized warning. hmmm... +my $file = $fh; + +my $length = length($file); + +return DECLINED unless $length; + +if ($length 300) { + $r-send_http_header; + $r-print($file); +} +else { + $r-content_encoding('gzip'); + $r-send_http_header; + print Compress::Zlib::memGzip($file); +} } else { $r-send_http_header; $r-send_fd($fh); ------ Ken Williams Last Bastion of Euclidity [EMAIL PROTECTED]The Math Forum
test -- please ignore
If you must read on, my ISP messed up an MX record and my mail's been bouncing for probably the last 8 or 9 hours. It's okay now, but that a lot of bounced messages ans I want to make sure the list software or its human manager haven't unsubscribed me. _ _ _ _ __ _ _ _ _ /\_\_\_\_\/\_\ /\_\_\_\_\_\ /\/_/_/_/_/ /\/_/ \/_/_/_/_/_/ QUIDQUID LATINE DICTUM SIT, /\/_/__\/_/ __/\/_//\/_/ PROFUNDUM VIDITUR /\/_/_/_/_/ /\_\ /\/_//\/_/ /\/_/ \/_/ /\/_/_/\/_//\/_/ (Whatever is said in Latin \/_/ \/_/ \/_/_/_/_/ \/_/ appears profound) Rob Tanner McMinnville, Oregon [EMAIL PROTECTED]
Re: Apache::ASP NFS Clustering
Tuc wrote: This will only work if the NFS attributes on the client mount are set to no caching. It seems to work great in 2 known web clusters. - Wondering if you can expand on this a little. We are trying to do DBM on NFS and think it might be causing a problem. Setting no caching has been suggested... Setting no caching on your NFS is a good step, but ... I personally wouldn't do this, as DB_File needs write locking to maintain data integrity or they could become corrupt. I believe they were using it at RedHat, without problems, but if it were me, I wouldn't. I would stick with the default SDBM_File, which is really hard to corrupt, but you have the 1024 key/value byte limit, so its not good for storing large objects. If you really want DB_File, I would use a samba mount which I tested recently, and does support file locking very well. You may get away with using DB_File over NFS for session state if your site doesn't have frames, because you wouldn't expect concurrent access to $Session under those conditions. If you don't need Session_OnStart / Session_OnEnd events, then you can easily create a database backed Apache::Session solution, by setting $Session in global.asa Script_OnStart -- Josh _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051
Re: Apache::test patch
On Sat, 2 Dec 2000, Ken Williams wrote: Meta-question: should I be sending patches to modperl-cvs, or modperl? here or to [EMAIL PROTECTED] This patch does three things. applied, thanks!
Re: [PATCH] stop win32 crash when bringing down service
applied, nice find!
cgi scripts
Hi all.. I'm very new to apache and perl... but I'm stuck with a web page that has some .acgi and .cgi files I'm running potato and did an apt-get install apache-perl... It wiped out my apache and perl seperately(early installs) That seemed good... everything seems good except for those scripts These are the changes I made to the default srm.conf and access.conf files... ScriptAlias /cgi-bin/ /var/www/Scripts/ ...and later down the file AddHandler cgi-script .cgi This is the change in the access.conf: Directory /var/www/Scripts/ AllowOverride None Options ExecCGI FollowSymLinks /Directory I think thats it.the web page stuff is in /var/www/ and along with some other junkgifs and such... the Scripts folder in there has some other folders with other .cgi and .acgi files kicking around... I've checked the permissions.. I think they're fine If I try http://localhost/cgi-bin/blahblah.cgi... I get an Internal server error. or if I try a couple folders past /cgi-bin/. .cgi same thing I'm thinking that the script isn't being executed by perl ... I figure I'm missing something in my conf files... gotta hunt through those docs again Any help on this matter is greatly appreciated Mike
Document contains no data
I have been having a problem with my scripts during the where I periodically get a Netscape 4 error saying "Document contains no data" when they run under mod_perl, but not with the same script under CGI. And this only happens sometimes; other times the pages return fine. However, the problem happens very often, even while not all the time. At some points it happens many times sequentially. The problems started soon after I switched to mod_perl on my server using this in the .htaccess file (files named .cgi run as CGI): Files *.pl SetHandler perl-script PerlHandler Apache::Registry Options +ExecCGI /Files I did a search in the Guide for this error and otherwise looked in the troubleshooting sections, but could find nothing. So I am hoping that you all can forgive me for asking help on this problem. Everything else is working fine as near as I can tell. I do not use any global variables explicitely, so I don't see how there could be persistant variable issues. I also print my entire output with headers in a single print statement. I am printing the "HTTP/1.0 200 OK\r\n" ahead of the other headers when running under mod_perl as I am supposed to. And when pages do display they show evidence of this (no extra header text appears). I believe that my mod_perl set-up has about 10 child processes in it, and site traffic is on the order of about 300-1000 hits per day. Stop/Starting the server did not make a difference. Non perl files still are served fine so far and so are .cgi files. Help? // Darren Duncan
cvs commit: modperl/lib/Apache test.pm
dougm 00/12/19 22:34:20 Modified:.Changes lib/Apache test.pm Log: various Apache::test enhancements and fixes Revision ChangesPath 1.550 +3 -0 modperl/Changes Index: Changes === RCS file: /home/cvs/modperl/Changes,v retrieving revision 1.549 retrieving revision 1.550 diff -u -r1.549 -r1.550 --- Changes 2000/11/25 15:39:21 1.549 +++ Changes 2000/12/20 06:34:19 1.550 @@ -10,6 +10,9 @@ =item 1.24_02-dev +various Apache::test enhancements and fixes +[Ken Williams [EMAIL PROTECTED], Dave Rolsky [EMAIL PROTECTED]] + Documenting the new PerlAddVar httpd.conf directive [Stas Bekman [EMAIL PROTECTED]] 1.21 +24 -8 modperl/lib/Apache/test.pm Index: test.pm === RCS file: /home/cvs/modperl/lib/Apache/test.pm,v retrieving revision 1.20 retrieving revision 1.21 diff -u -r1.20 -r1.21 --- test.pm 2000/10/13 17:21:18 1.20 +++ test.pm 2000/12/20 06:34:20 1.21 @@ -1,14 +1,15 @@ package Apache::test; use strict; -use vars qw(@EXPORT $USE_THREAD $USE_SFIO $PERL_DIR); +use vars qw(@EXPORT $USE_THREAD $USE_SFIO $PERL_DIR @EXPORT_OK); use Exporter (); use Config; use FileHandle (); *import = \Exporter::import; -@EXPORT = qw(test fetch simple_fetch have_module skip_test +@EXPORT = qw(test fetch simple_fetch have_module skip_test $USE_THREAD $USE_SFIO $PERL_DIR WIN32 grab run_test); +@EXPORT_OK = qw(have_httpd); BEGIN { if(not $ENV{MOD_PERL}) { @@ -86,14 +87,15 @@ sub _ask { # Just a function for asking the user questions -my ($prompt, $default, $mustfind) = @_; +my ($prompt, $default, $mustfind, $canskip) = @_; +my $skip = defined $canskip ? " ('$canskip' to skip)" : ''; my $response; do { - print "$prompt [$default]: "; + print "$prompt [$default]$skip: "; chomp($response = STDIN); $response ||= $default; -} until (!$mustfind || (-e $response || !print("$response not found\n"))); +} until (!$mustfind || ($response eq $canskip) || (-e $response || !print("$response not found\n"))); return $response; } @@ -108,10 +110,16 @@ my $httpd = $ENV{'APACHE'} || which('apache') || which('httpd') || '/usr/lib/httpd/httpd'; -$httpd = _ask("\n", $httpd, 1); +$httpd = _ask("\n", $httpd, 1, '!'); +if ($httpd eq '!') { + print "Skipping.\n"; + return; +} system "$Config{lns} $httpd t/httpd"; -if (lc _ask("Search existing config file for dynamic module dependencies?", 'n') eq 'y') { +# Default: search for dynamic dependencies if mod_so is present, don't bother otherwise. +my $default = (`t/httpd -l` =~ /mod_so\.c/ ? 'y' : 'n'); +if (lc _ask("Search existing config file for dynamic module dependencies?", $default) eq 'y') { my %compiled; for (`t/httpd -V`) { if (/([\w]+)="(.*)"/) { @@ -148,6 +156,8 @@ my @modules = grep /^\s*(Add|Load)Module/, @lines; my ($server_root) = (map /^\s*ServerRoot\s*(\S+)/, @lines); +$server_root =~ s/^"//; +$server_root =~ s/"$//; # Rewrite all modules to load from an absolute path. foreach (@modules) { @@ -310,6 +320,10 @@ exit; } +sub have_httpd { +return -e 't/httpd'; +} + sub run { require Test::Harness; my $self = shift; @@ -514,7 +528,9 @@ *MY::test = sub { Apache::test-MM_test(%params) }; # In t/*.t script (or test.pl) - (Some methods of Doug's that I haven't reviewed or documented yet) + use Apache::test qw(skip_test have_httpd); + skip_test unless have_httpd; + (Some more methods of Doug's that I haven't reviewed or documented yet) =head1 DESCRIPTION
cvs commit: modperl/src/modules/perl mod_perl.c
dougm 00/12/19 22:39:48 Modified:.Changes src/modules/perl mod_perl.c Log: stop win32 crash when bringing down service Revision ChangesPath 1.551 +3 -0 modperl/Changes Index: Changes === RCS file: /home/cvs/modperl/Changes,v retrieving revision 1.550 retrieving revision 1.551 diff -u -r1.550 -r1.551 --- Changes 2000/12/20 06:34:19 1.550 +++ Changes 2000/12/20 06:39:47 1.551 @@ -10,6 +10,9 @@ =item 1.24_02-dev +stop win32 crash when bringing down service +[John K. Sterling [EMAIL PROTECTED]] + various Apache::test enhancements and fixes [Ken Williams [EMAIL PROTECTED], Dave Rolsky [EMAIL PROTECTED]] 1.134 +15 -1 modperl/src/modules/perl/mod_perl.c Index: mod_perl.c === RCS file: /home/cvs/modperl/src/modules/perl/mod_perl.c,v retrieving revision 1.133 retrieving revision 1.134 diff -u -r1.133 -r1.134 --- mod_perl.c2000/10/06 20:18:28 1.133 +++ mod_perl.c2000/12/20 06:39:48 1.134 @@ -507,7 +507,21 @@ static void mp_dso_unload(void *data) { -array_header *librefs = xs_dl_librefs((pool *)data); +array_header *librefs; + +#ifdef WIN32 +// This is here to stop a crash when bringing down +// a service. Apparently the dso is unloaded too early. +// This if statement tests to see if we are running as a +// service. apache does the same +// see apache's isProcessService() in service.c +if (AllocConsole()) { +FreeConsole(); +return; +} +#endif + +librefs = xs_dl_librefs((pool *)data); perl_shutdown(NULL, NULL); unload_xs_so(librefs); }