Re: Question...
I think I'm missing something... If you set a session cookie (i.e. one with no expiry time) then the cookie will be deleted immediately upon browser close, forcing the user to login again if they've closed their browser instance. If you don't use cookies and allow basic auth then the exact same behavior is called, forcing the user to re-login only if they've closed that browser instance. Is there someway to expire cookies on page leave, or is this the smartass thing you were referring to? :) -- Ryan Parr - Original Message - From: Jon Robison [EMAIL PROTECTED] To: Ron Beck [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, February 12, 2002 12:28 PM Subject: Re: Question... Cookies! /me is in smartass mode today. --Jon Ron Beck wrote: Hello all, I need to know how to clear the $ENV variables. For example, I use a .htaccess file for specific directories which requires the user to enter userID and password. When they exit the page, I want them to have to re-enter userID and passwd if they enter the page again. Does anyone know how this is accomplished? TIA, Ron
Re: Samba authorization
Syntax error on line 346 of /usr/local/apache/conf/httpd.conf: Can't load '/usr/local/lib/perl5/site_perl/5.6.1/sun4-solaris/auto/Authen/Smb/Smb.so' for module Authen::Smb: ld.so.1: /usr/local/apache/bin/httpd: fatal: relocation error: file /usr/local/lib/perl5/site_perl/5.6.1/sun4-solaris/auto/Authen/Smb/Smb.so: symbol main: referenced symbol not found at /usr/local/lib/perl5/5.6.1/sun4-solaris/DynaLoader.pm line 206. at /usr/local/lib/perl5/site_perl/5.6.1/Apache/AuthenSmb.pm line 5 Compilation failed in require at /usr/local/lib/perl5/site_perl/5.6.1/Apache/AuthenSmb.pm line 5. BEGIN failed--compilation aborted at /usr/local/lib/perl5/site_perl/5.6.1/Apache/AuthenSmb.pm line 5. Compilation failed in require at (eval 3) line 3. -- Line 5 of AuthenSmb.pm contains 'use Authen::Smb'. Why apache can't find it? (Smb.pm does exist.) This is a different problem: It's related to your Authen::Smb installation (which Apache::AuthenSmb makes use of to handle its authentication requests). You might want to try and re-install it. -- Per Einar Ellefsen [EMAIL PROTECTED] Maybe it's actually problem with Smb.so. When I make 'ldd -r Smb.so', I get symbol not found: main symbol not found: PL_markstack_ptr symbol not found: PL_na symbol not found: PL_sv_yes symbol not found: PL_stack_base symbol not found: PL_stack_sp symbol not found: PL_curpad symbol not found: PL_op symbol not found: perl_get_sv symbol not found: Perl_croak symbol not found: Perl_sv_setiv symbol not found: connect symbol not found: Perl_mg_set symbol not found: Perl_sv_newmortal symbol not found: Perl_form symbol not found: socket symbol not found: Perl_sv_2pv symbol not found: Perl_newXS symbol not found: inet_addr symbol not found: setsockopt symbol not found: gethostbyname symbol not found: Perl_sv_2iv symbol not found: Perl_sv_setnv But, again, on other our SunOS machine with the same configuration and same output of 'ldd' (just two llines less) authorization work without problems! What may be the reason? -- Andrew
Custom Logging and User Tracking
I'm trying to setup some custom logging including the whole User/Session tracking thing. The problem that I'm encountering is how to log for the page that was requested and ignore all the additional files that may be included in the page. I.e. graphics. Without trying to maintain session uniqueness by comparing mod_uniqueid values. return DECLINED unless($r-is_main()); does nothing return DECLINED unless($r-is_initial_req()); does nothing PerlFixupHandler logs every included file (is this what a subrequest is?) PerlLogHandler logs every included file PerlHandler only logs the initial request, but only logs for the / URI request. No other URI'sare logged. my $code = EO_CODE_SAMPLE; sub handler {my $r = shift; open TRACK, "/usr/local/www/usertracker.txt" or die "Couldn't open log: $!";print TRACK join("\t",($r-hostname,$r-uri,scalar(localtime),$r-connection-remote_ip,$r-connection-hostname || '-' ,$r-header_in('Referer') || '-',$r-header_in('User-agent'))),"\n";close TRACK;return DECLINED;} EO_CODE_SAMPLE
RE: Question...
you can use sessions... there are some modules for this. Forexample, Apache::ASP has the $Session object... or you can use javascript to delete the cookie (maybe) -Original Message- From: Ryan Parr [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 11:00 AM To: Jon Robison; Ron Beck Cc: [EMAIL PROTECTED] Subject: Re: Question... I think I'm missing something... If you set a session cookie (i.e. one with no expiry time) then the cookie will be deleted immediately upon browser close, forcing the user to login again if they've closed their browser instance. If you don't use cookies and allow basic auth then the exact same behavior is called, forcing the user to re-login only if they've closed that browser instance. Is there someway to expire cookies on page leave, or is this the smartass thing you were referring to? :) -- Ryan Parr - Original Message - From: Jon Robison [EMAIL PROTECTED] To: Ron Beck [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, February 12, 2002 12:28 PM Subject: Re: Question... Cookies! /me is in smartass mode today. --Jon Ron Beck wrote: Hello all, I need to know how to clear the $ENV variables. For example, I use a .htaccess file for specific directories which requires the user to enter userID and password. When they exit the page, I want them to have to re-enter userID and passwd if they enter the page again. Does anyone know how this is accomplished? TIA, Ron _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
Re: mod_perl + UNIVERSAL
On Tue 12-Feb-2002 at 04:02:47PM -0500, Perrin Harkins wrote: A list of things I've noticed: * If you have two *different* modules which have the same name, then either one, or the other is loaded in memory, never both. This is dead annoying. I think Perl standard modules + CPAN modules should be shared, other modules which are specific to a given script should not. This is how perl works. You are not allowed to have two different modules with the same name loaded in the same interpreter. If you can't deal with that, maybe you should consider using an environment like Mason or Embperl which allow a page-based approach closer to PHP, rather than using perl's package namespace. I know that this is how perl works... in the context of mod_perl though, in some cases it'd be less hassle to be able to have persistent perl processes isolated per script or per host... Anyway if mod_perl 2.0 allows a pool of perls on a per-host basis as you said, then it'd be a great plus! * Global variables should be reinitialized on each request. Or at least if we want them to be persistent we do not want them to be shared with different scripts on different virtual hosts! Global variables are variables without scope. They are not cleaned up by definition. If you want variables that go out of scope, use lexicals. If you have legacy code that depends on mod_cgi behavior to work, use Apache::PerlRun which clears globals on each request. Apache::PerlRun is far too slow (I don't wanna recompile 18.000 lines of Perl code on each request, thanks :-)). Global variables are useful to store objects that can be accessed anywhere. The only way out is to manually undef everything on each request... I suppose it's not so bad, but I'm just a lazy bastard thus I need to complain :-) * Perl garbage collector should be smarter (okay, that may not be a mod_perl issue). C geeks out there, ain't it possible to compile a version of Perl with a better GC? Doug has talked about doing something with this in mod_perl 2 to help clean up memory taken for lexicals, but it's not definite. And yes, this is really a Perl issue, not a mod_perl one. Yeah Perl not cleaning cyclic references is a pain. And WeakRef is a horrible hack :-) Cheers, -- IT'S TIME FOR A DIFFERENT KIND OF WEB Jean-Michel Hiver - Software Director [EMAIL PROTECTED] +44 (0)114 221 4968 VISIT HTTP://WWW.MKDOC.COM
Re: Multiple authentication methods
Quoting Marcel Weber [EMAIL PROTECTED] [12 Feb-02 16:15]: I don't get the point why it did not work the other way round, but now everything is just fine now : Make it a little more generic: package Apache::MultiAuthen; use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; # Tweak this; unsure about dir_config returning an array my @auth_modules = $r-dir_config(AuthModules); for my $am (@auth_modules) { load($am); if ($@) { $r-log(Error loading module '$am': $@); next; } my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-log_reason($am return OK); return OK } $r-log_reason($am not OK); } $r-note_basic_auth_failure; return AUTH_REQUIRED; } sub load { my $module = @_; $module =~ s[::][/]g; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ (darren) -- Never attribute to malice that which is adequately explained by incompetence. -- Napolean Bonaparte
Re: Multiple authentication methods
shouldn't stacked handlers be the right solution here? are stacked auth handlers not allowed or something? aaron On Wed, 2002-02-13 at 09:02, darren chamberlain wrote: Quoting Marcel Weber [EMAIL PROTECTED] [12 Feb-02 16:15]: I don't get the point why it did not work the other way round, but now everything is just fine now : Make it a little more generic: package Apache::MultiAuthen; use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; # Tweak this; unsure about dir_config returning an array my @auth_modules = $r-dir_config(AuthModules); for my $am (@auth_modules) { load($am); if ($@) { $r-log(Error loading module '$am': $@); next; } my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-log_reason($am return OK); return OK } $r-log_reason($am not OK); } $r-note_basic_auth_failure; return AUTH_REQUIRED; } sub load { my $module = @_; $module =~ s[::][/]g; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ (darren) -- Never attribute to malice that which is adequately explained by incompetence. -- Napolean Bonaparte -- aaron ross . alias intelligence, inc email . [EMAIL PROTECTED] phone . 215 545 6428
Re: Multiple authentication methods
Quoting Aaron Ross [EMAIL PROTECTED] [13 Feb-02 09:21]: shouldn't stacked handlers be the right solution here? are stacked auth handlers not allowed or something? Assuming your mod_perl has been built with them, then, yes, that's probably a better solution. But I had a fun 15 minutes writing Apache::MultiAuthen, though. :) (darren) -- My studies in Speculative Philosophy, metaphysics, and science are all summed up in the image of a mouse called man running in and out of every hole in the Cosmos hunting for the Absolute Cheese. -- Edmund Burke
RE: Multiple authentication methods
He wants to check a 'handler' return value. shouldn't stacked handlers be the right solution here? are stacked auth handlers not allowed or something? aaron On Wed, 2002-02-13 at 09:02, darren chamberlain wrote: Quoting Marcel Weber [EMAIL PROTECTED] [12 Feb-02 16:15]: I don't get the point why it did not work the other way round, but now everything is just fine now : Make it a little more generic: package Apache::MultiAuthen; use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; # Tweak this; unsure about dir_config returning an array my @auth_modules = $r-dir_config(AuthModules); for my $am (@auth_modules) { load($am); if ($@) { $r-log(Error loading module '$am': $@); next; } my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-log_reason($am return OK); return OK } $r-log_reason($am not OK); } $r-note_basic_auth_failure; return AUTH_REQUIRED; } sub load { my $module = @_; $module =~ s[::][/]g; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ (darren) -- Never attribute to malice that which is adequately explained by incompetence. -- Napolean Bonaparte -- aaron ross . alias intelligence, inc email . [EMAIL PROTECTED] phone . 215 545 6428
Re: Multiple authentication methods
Aaron Ross wrote: shouldn't stacked handlers be the right solution here? are stacked auth handlers not allowed or something? yes, you can stack multiple auth handlers. the only problem is that, for the PerlAuthenHandler and PerlAuthzHandler the first handler to return an Apache error code (anything other than OK, DECLINED, or DONE) terminates the chain. which is generally fine, except when you want to return AUTH_REQUIRED and note_basic_auth_failure(). when writing your own auth modules, you could return DECLINED (and not call note_basic_auth_failure()) instead of AUTH_REQUIRED and let mod_auth take care of setting AUTH_REQUIRED for you (since the perl handlers generally run before the Apache C modules). however, with Apache::AuthFoo, the AUTH_REQUIRED stuff is generally compiled in, which means that the authentication chain is terminated prematurely. the solution darren posted is kinda nifty and is along the lines of what you would need to have in order to use the shrink-wrapped Apache:: solutions - one controlling handler that traps the return code of the other handlers, keeping them from Apache so that Apache doesn't end the handler chain before you're ready. HTH --Geoff
Re: Question...
On page leave? Well I think you can of course use javascript on all the links on the page, but I don't believe you can do much about the user typing in a new url in the browser. . . but that's just IMHO. --Jon Ryan Parr wrote: I think I'm missing something... If you set a session cookie (i.e. one with no expiry time) then the cookie will be deleted immediately upon browser close, forcing the user to login again if they've closed their browser instance. If you don't use cookies and allow basic auth then the exact same behavior is called, forcing the user to re-login only if they've closed that browser instance. Is there someway to expire cookies on page leave, or is this the smartass thing you were referring to? :) -- Ryan Parr - Original Message - From: Jon Robison [EMAIL PROTECTED] To: Ron Beck [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, February 12, 2002 12:28 PM Subject: Re: Question... Cookies! /me is in smartass mode today. --Jon Ron Beck wrote: Hello all, I need to know how to clear the $ENV variables. For example, I use a .htaccess file for specific directories which requires the user to enter userID and password. When they exit the page, I want them to have to re-enter userID and passwd if they enter the page again. Does anyone know how this is accomplished? TIA, Ron
Re: Multiple authentication methods
the only problem is that, for the PerlAuthenHandler and PerlAuthzHandler the first handler to return an Apache error code (anything other than OK, DECLINED, or DONE) terminates the chain. which is generally fine, except when you want to return AUTH_REQUIRED and note_basic_auth_failure(). blarg... of course, returning OK also ends the chain, meaning that the user has been authenticated and Apache can stop now. in that respect both the PerlAuthenHandler and PerlAuthzHandler are like the PerlTransHandler (if that helps you think about it). sorry, too much information up there :) --Geoff
[DIGEST] mod_perl digest 2002/02/03
-- mod_perl digest February 3, 2002 - February 9, 2002 -- Recent happenings in the mod_perl world... Features o mod_perl status o module announcements o mailing list highlights o links mod_perl status o mod_perl - stable: 1.26 (released July 11, 2001) [1] - development: 1.26_01-dev [2] o Apache - stable: 1.3.23 (released January 24, 2002) [3] - development: 1.3.24-dev [4] o mod_perl 2.0 - in development (cvs only) [?] o Apache 2.0 - beta: 2.0.28 (released November 13, 2001) [5] o Perl - stable: 5.6.1 (released April 9, 2001) [6] - development: 5.7.2 [7] module announcements o Apache::UploadMeter 0.21 - provides a graphical progress meter for file uploads [8] mailing list highlights o choice of mod_perl technology for news site [9] o Google Programming Contest [10] o New mod_perl Logos [11] links o The Apache/Perl Integration Project [12] o mod_perl documentation [13] o mod_perl modules on CPAN [14] o mod_perl homepage [15] o mod_perl news and advocacy [16] o mod_perl list archives - modperl@ [17] [18] - dev@ [19] [20] - advocacy@ [21] happy mod_perling... --James [EMAIL PROTECTED] -- [1] http://perl.apache.org/dist/ [2] http://perl.apache.org/from-cvs/modperl/ [3] http://www.apache.org/dist/httpd/ [4] http://dev.apache.org/from-cvs/apache-1.3/ [5] http://www.apache.org/dist/httpd/ [6] http://www.cpan.org/src/stable.tar.gz [7] http://www.cpan.org/src/devel.tar.gz [8] http://mathforum.org/epigone/modperl/blimfrartron [9] http://mathforum.org/epigone/modperl/womhomquam [10] http://mathforum.org/epigone/modperl/mayblaiferm [11] http://mathforum.org/epigone/modperl/ghaiprulwil [12] http://perl.apache.org [13] http://perl.apache.org/#docs [14] http://www.cpan.org/modules/by-module/Apache/ [15] http://www.modperl.com [16] http://www.take23.org [17] http://mathforum.org/epigone/modperl/ [18] http://marc.theaimsgroup.com/?l=apache-modperlr=1w=2 [19] http://marc.theaimsgroup.com/?l=apache-modperl-devr=1w=2 [20] http://www.mail-archive.com/dev%40perl.apache.org/ [21] http://www.mail-archive.com/advocacy@perl.apache.org/
Re: Perl Section Bug?
On Fri, 2002-02-08 at 20:25, Salvador Ortiz Garcia wrote: Yes, It's a bug in Perl Sections. Confirmed in 1.26. snip / I'm digging into it. Thanks. I'm glad to know that I'm not imagining things. We've just found a place in Bricolage where the Location directive *does* work as expected. So you're right -- it's worse. Ugh. Thanks, David -- David Wheeler AIM: dwTheory [EMAIL PROTECTED] ICQ: 15726394 http://david.wheeler.net/ Yahoo!: dew7e Jabber: [EMAIL PROTECTED]
Re: Multiple authentication methods
Fixed some errors. Here comes the working version: - package Apache::AuthMulti; # Stathy G. Touloumis # Marcel M. Weber # Darren Chamberlain # # Version 0.1.0 / 2002.02.13 / Marcel M. Weber use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; my @auth_modules=$r-dir_config-get(AuthModules); for my $am (@auth_modules) { load($am); if ($@){ $r-log_reason(Error loading module '$am':$@); next; } my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; } $r-log_reason($am not OK); } $r-note_basic_auth_failure; $r-log_reason(none of the handlers could authenticate this user); return AUTH_REQUIRED; } sub load { my $module=@_[0]; $module =~ s[::][/]g; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ --- In the httpd.conf you have to put something like this: Location /test AuthName Test AuthType Basic # These are AuthenSmb specific PerlSetVar myPDC SAMBA PerlSetVar myDOMAIN ARBEITSGRUPPE # With PerlAddVar you pass an array PerlAddVar AuthModules Apache::AuthSybase PerlAddVar AuthModules Apache::AuthenSmb PerlAuthenHandler Apache::AuthMulti require valid-user /Location --- Works perfect... Why not submitting this somewhere? I think this could be usefull for quite a lot of people. I think this is cool, as you do not have to worry wether the module returns DECLINED or AUTH_REQUIRED. Marcel Am Mittwoch den, 13. Februar 2002, um 15:02, schrieb darren chamberlain: Quoting Marcel Weber [EMAIL PROTECTED] [12 Feb-02 16:15]: I don't get the point why it did not work the other way round, but now everything is just fine now : Make it a little more generic: package Apache::MultiAuthen; use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; # Tweak this; unsure about dir_config returning an array my @auth_modules = $r-dir_config(AuthModules); for my $am (@auth_modules) { load($am); if ($@) { $r-log(Error loading module '$am': $@); next; } my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-log_reason($am return OK); return OK } $r-log_reason($am not OK); } $r-note_basic_auth_failure; return AUTH_REQUIRED; } sub load { my $module = @_; $module =~ s[::][/]g; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ (darren) -- Never attribute to malice that which is adequately explained by incompetence. -- Napolean Bonaparte --- PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
Cookie as session store
I have sometimes proposed or recommended schemes of storing session information in an HTTP cookie, encoded and protected by cryptographic digest. I know some people on this list have implemented similar schemes, but I have never actually had occasion to do so. Now I am doing that, and I realize the chief drawback to this scheme: all session information has to be set before generating any HTML output. The chief advantage is no requirement for server-side storage of session. For certain applications, saving all output until the session is serialized may significantly increase the latency of the first data packet in the HTTP response. -jwb
Re: Multiple authentication methods
Quoting Marcel Weber [EMAIL PROTECTED] [13 Feb-02 14:53]: Why not submitting this somewhere? I think this could be usefull for quite a lot of people. I think this is cool, as you do not have to worry wether the module returns DECLINED or AUTH_REQUIRED. I can package this up and put it on CPAN as version 0.01 tomorrow morning, if that seems reasonable to everyone involved. I'll need to add some docs and a Makefile.PL, of course. (darren) -- To believe is very dull. To doubt is intensely engrossing. To be on alert is to live, to be lulled into security is to die. -- Oscar Wilde
Re: Question...
Do you need to expire the cookie when you leave the page? How about the following. When they login, you send down a cookie. when they go to that page, you check the cookie they sent, but send out a new value for that cookie, invalidating it. So when they leave that page they send back your invalid cookie. When they go back to the page, they'll send the invalid cookie, and you can then prompt them to log in or whatever. You'll get the invalid cookie sent back for images on that page, but that usually isn't a problem. Steve Piner Ryan Parr wrote: I think I'm missing something... If you set a session cookie (i.e. one with no expiry time) then the cookie will be deleted immediately upon browser close, forcing the user to login again if they've closed their browser instance. If you don't use cookies and allow basic auth then the exact same behavior is called, forcing the user to re-login only if they've closed that browser instance. Is there someway to expire cookies on page leave, or is this the smartass thing you were referring to? :) -- Ryan Parr - Original Message - From: Jon Robison [EMAIL PROTECTED] To: Ron Beck [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, February 12, 2002 12:28 PM Subject: Re: Question... Cookies! /me is in smartass mode today. --Jon Ron Beck wrote: Hello all, I need to know how to clear the $ENV variables. For example, I use a .htaccess file for specific directories which requires the user to enter userID and password. When they exit the page, I want them to have to re-enter userID and passwd if they enter the page again. Does anyone know how this is accomplished? TIA, Ron
Re: Custom Logging and User Tracking
On Wed, 13 Feb 2002, Ryan Parr wrote: I'm trying to setup some custom logging including the whole User/Session tracking thing. The problem that I'm encountering is how to log for the page that was requested and ignore all the additional files that may be included in the page. I.e. graphics. return DECLINED if $r-content_type =~ m!^image/!; ? - ask -- ask bjoern hansen, http://ask.netcetera.dk/ !try; do(); more than a billion impressions per week, http://valueclick.com
Re: Multiple authentication methods
Marcel Weber wrote: Fixed some errors. Here comes the working version: untested I think you might need to iterate through $r-err_headers_out and remove WWW-Authenticate and Proxy-Authenticate after each authentication module runs. say you have an AuthSMB and AythSybase chain. AuthSMB calls note_basic_auth_failure and sets the WWW-Authenticate header, AuthSybase succeeds and sets the Authorizaion header. in this case, both WWW-Authenticate and Authorization will be passed to the browser (I think), which could lead to spurious results in some browsers. /untested also, you might want to check specifically for AUTH_REQUIRED instead of OK in the chain. AUTH_REQUIRED is not the only return code that get_basic_auth_pw can return (SERVER_ERROR and DECLINED are also possible) and you probably would want to propagate a SERVER_ERROR rather than returning AUTH_REQUIRED. HTH --Geoff
Re: Apache::DBI
Marty == Marty J Rogers [EMAIL PROTECTED] writes: Marty I had tried that, with the same result. (does Apache::DBI Marty overload the DBI methods?) Full error is as follows. Again, Marty any help is _highly_ appreciated. You must specify the full package name to the connect_on_it sub, as in Apache::DBI-connect_on_init(...) Peace.
Re: Multiple authentication methods
untested I think you might need to iterate through $r-err_headers_out and remove WWW-Authenticate and Proxy-Authenticate after each authentication module runs. say you have an AuthSMB and AythSybase chain. AuthSMB calls note_basic_auth_failure and sets the WWW-Authenticate header, AuthSybase succeeds and sets the Authorizaion header. in this case, both WWW-Authenticate and Authorization will be passed to the browser (I think), which could lead to spurious results in some browsers. /untested or not. the browser sends the Authorization header, last I checked :) at any rate, I think my thoughts were headed somewhere. you might end up with a popup box on every request or something if every request ends up with a WWW-Authenticate header. it at least warrants a test I would think. the return code part is probably valid, though. anyway, I swear to start thinking before I type from now on... --Geoff
RE: Multiple authentication methods
Some more fixes ; ) I would suggest changing the PerlSetVar variables to actual apache configuration directives which would change this : my @auth_modules=$r-dir_config-get(AuthModules); I don't have an immediate patch for this but have done it before. If you would like me to work on this code no prob, otherwise check the eagle book for some samples if unfamiliar. Also, THIS : my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; TO : ## 'or next' can be changed my $handler = $am-can('handler') or next; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; } And I would consider changing this : $module =~ s[::][/]g; to be more portable. I am working on another class for runtime management of classes that should address this but won't be on CPAN for a few days. - package Apache::AuthMulti; # Stathy G. Touloumis # Marcel M. Weber # Darren Chamberlain # # Version 0.1.0 / 2002.02.13 / Marcel M. Weber use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; my @auth_modules=$r-dir_config-get(AuthModules); for my $am (@auth_modules) { load($am); if ($@){ $r-log_reason(Error loading module '$am':$@); next; } my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; } $r-log_reason($am not OK); } $r-note_basic_auth_failure; $r-log_reason(none of the handlers could authenticate this user); return AUTH_REQUIRED; } sub load { my $module=@_[0]; $module =~ s[::][/]g; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ --- In the httpd.conf you have to put something like this: Location /test AuthName Test AuthType Basic # These are AuthenSmb specific PerlSetVar myPDC SAMBA PerlSetVar myDOMAIN ARBEITSGRUPPE # With PerlAddVar you pass an array PerlAddVar AuthModules Apache::AuthSybase PerlAddVar AuthModules Apache::AuthenSmb PerlAuthenHandler Apache::AuthMulti require valid-user /Location --- Works perfect... Why not submitting this somewhere? I think this could be usefull for quite a lot of people. I think this is cool, as you do not have to worry wether the module returns DECLINED or AUTH_REQUIRED. Marcel Am Mittwoch den, 13. Februar 2002, um 15:02, schrieb darren chamberlain: Quoting Marcel Weber [EMAIL PROTECTED] [12 Feb-02 16:15]: I don't get the point why it did not work the other way round, but now everything is just fine now : Make it a little more generic: package Apache::MultiAuthen; use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; # Tweak this; unsure about dir_config returning an array my @auth_modules = $r-dir_config(AuthModules); for my $am (@auth_modules) { load($am); if ($@) { $r-log(Error loading module '$am': $@); next; } my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-log_reason($am return OK); return OK } $r-log_reason($am not OK); } $r-note_basic_auth_failure; return AUTH_REQUIRED; } sub load { my $module = @_; $module =~ s[::][/]g; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ (darren) -- Never attribute to malice that which is adequately explained by incompetence. -- Napolean Bonaparte --- PGP / GPG Key:http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
Re: Multiple authentication methods
Quoting Stathy G. Touloumis [EMAIL PROTECTED] [13 Feb-02 15:26]: Some more fixes ; ) Yay! Bug reports already... I would suggest changing the PerlSetVar variables to actual apache configuration directives which would change this : my @auth_modules=$r-dir_config-get(AuthModules); I don't have an immediate patch for this but have done it before. If you would like me to work on this code no prob, otherwise check the eagle book for some samples if unfamiliar. *nod* I'm not sure that the syntax would work; $r-dir_config() would probably return an arrayref, and such; this needs to be tested. Also, THIS : my $handler = \{$am\::handler}; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; TO : ## 'or next' can be changed my $handler = $am-can('handler') or next; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; } Yeah, I just didn't think of that when I wrote the code. That is the Correct Way. And I would consider changing this : $module =~ s[::][/]g; to be more portable. I am working on another class for runtime management of classes that should address this but won't be on CPAN for a few days. I stole that almost whole hog from Template/Config.pm, lines 68-78. Take it up with Andy. ;) The easiest thing would be to use Config, and do: $module =~ s[::][$Config{'path_sep'}]g; Right? (darren) -- What a strange illusion it is to suppose that beauty is goodness. -- Leo Tolstoy
RE: Multiple authentication methods
I would suggest changing the PerlSetVar variables to actual apache configuration directives which would change this : my @auth_modules=$r-dir_config-get(AuthModules); I don't have an immediate patch for this but have done it before. If you would like me to work on this code no prob, otherwise check the eagle book for some samples if unfamiliar. *nod* I'm not sure that the syntax would work; $r-dir_config() would probably return an arrayref, and such; this needs to be tested. You can specify anything for a directive as you can for dir_config() yet it is more extensible : Syntax checking, ability to set in '.htaccess' files and of course everybodies favorite . . . it's faster ; ) Doesn't need to be implemented now but just a thought . . . I stole that almost whole hog from Template/Config.pm, lines 68-78. Take it up with Andy. ;) The easiest thing would be to use Config, and do: $module =~ s[::][$Config{'path_sep'}]g; Right? Anything other than hardcoding and this is fine by me. Although should probably compile once : s[::][$Config{'path_sep'}]go;
Re: Custom Logging and User Tracking
Unfortunately we do have areas on the site where a link would point directly to a graphic file, which I'd like to log. Otherwise that would work quite well. I had always thought that these extra requests would be subrequests. If not, though, what would be the definition of a sub-request? -- Ryan - Original Message - From: Ask Bjoern Hansen [EMAIL PROTECTED] To: Ryan Parr [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, February 13, 2002 12:02 PM Subject: Re: Custom Logging and User Tracking On Wed, 13 Feb 2002, Ryan Parr wrote: I'm trying to setup some custom logging including the whole User/Session tracking thing. The problem that I'm encountering is how to log for the page that was requested and ignore all the additional files that may be included in the page. I.e. graphics. return DECLINED if $r-content_type =~ m!^image/!; ? - ask -- ask bjoern hansen, http://ask.netcetera.dk/ !try; do(); more than a billion impressions per week, http://valueclick.com
RE: Multiple authentication methods
The easiest thing would be to use Config, and do: $module =~ s[::][$Config{'path_sep'}]g; Right? Maybe not : ) When checking on 2 linux systems I got a path seperator of ':'. Can you let me know if you get similar results? Thanks,
Re: Multiple authentication methods
So here comes the most actual code: Submitting it to CPAN would be fine! package Apache::AuthMulti; # Stathy G. Touloumis # Marcel M. Weber # Darren Chamberlain # # Version 0.01-2 / 13.02.2002 / Marcel M. Weber use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; my @auth_modules=$r-dir_config-get(AuthModules); for my $am (@auth_modules) { load($am); if ($@){ $r-log_reason(Error loading module '$am':$@); next; } my $handler = $am-can('handler') or next; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; } $r-log_reason($am not OK); } $r-note_basic_auth_failure; $r-log_reason(none of the handlers could authenticate this user); return AUTH_REQUIRED; } sub load { my $module=@_[0]; $module =~ s[::][$Config{'path_sep'}]go; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ - Am Mittwoch den, 13. Februar 2002, um 21:42, schrieb Stathy G. Touloumis: I would suggest changing the PerlSetVar variables to actual apache configuration directives which would change this : my @auth_modules=$r-dir_config-get(AuthModules); I don't have an immediate patch for this but have done it before. If you would like me to work on this code no prob, otherwise check the eagle book for some samples if unfamiliar. *nod* I'm not sure that the syntax would work; $r-dir_config() would probably return an arrayref, and such; this needs to be tested. It returns a arrayref, as far as I experienced. Well I'm really new to mod_perl and my eagle book waits still in the library to be bought... But why is this version not nice? --- Marcel PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
Re: Multiple authentication methods
On my woody system it's fine. Marcel Am Mittwoch den, 13. Februar 2002, um 23:51, schrieb Stathy G. Touloumis: The easiest thing would be to use Config, and do: $module =~ s[::][$Config{'path_sep'}]g; Right? Maybe not : ) When checking on 2 linux systems I got a path seperator of ':'. Can you let me know if you get similar results? Thanks, --- PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
RE: Multiple authentication methods
At 16:51 13.02.2002 -0600, Stathy G. Touloumis wrote: The easiest thing would be to use Config, and do: $module =~ s[::][$Config{'path_sep'}]g; Right? Maybe not : ) When checking on 2 linux systems I got a path seperator of ':'. Can you let me know if you get similar results? I'm getting the same problem here. It seems like $Config{path_sep} has been misunderstood: it gives ':' on Unix and ';' on Windows, so I believe it means the separator between different items in your PATH (/usr/bin:/usr/local/bin etc..). I think what you need is File::Spec. Use this instead: $module = File::Spec-catfile(split /::/, $module); That'll be portable. -- Per Einar Ellefsen [EMAIL PROTECTED]
Re: Multiple authentication methods
Sorry, this code does not work... Should test it better before sending it to to mailing list... Marcel Am Donnerstag den, 14. Februar 2002, um 00:05, schrieb Marcel Weber: So here comes the most actual code: Submitting it to CPAN would be fine! package Apache::AuthMulti; # Stathy G. Touloumis # Marcel M. Weber # Darren Chamberlain # # Version 0.01-2 / 13.02.2002 / Marcel M. Weber use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r-get_basic_auth_pw; return $res if $res != OK; my @auth_modules=$r-dir_config-get(AuthModules); for my $am (@auth_modules) { load($am); if ($@){ $r-log_reason(Error loading module '$am':$@); next; } my $handler = $am-can('handler') or next; if ($handler-($r) == OK) { $r-warn($am return OK); return OK; } $r-log_reason($am not OK); } $r-note_basic_auth_failure; $r-log_reason(none of the handlers could authenticate this user); return AUTH_REQUIRED; } sub load { my $module=@_[0]; $module =~ s[::][$Config{'path_sep'}]go; $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } 1; __END__ - Am Mittwoch den, 13. Februar 2002, um 21:42, schrieb Stathy G. Touloumis: I would suggest changing the PerlSetVar variables to actual apache configuration directives which would change this : my @auth_modules=$r-dir_config-get(AuthModules); I don't have an immediate patch for this but have done it before. If you would like me to work on this code no prob, otherwise check the eagle book for some samples if unfamiliar. *nod* I'm not sure that the syntax would work; $r-dir_config() would probably return an arrayref, and such; this needs to be tested. It returns a arrayref, as far as I experienced. Well I'm really new to mod_perl and my eagle book waits still in the library to be bought... But why is this version not nice? --- Marcel PGP / GPG Key:http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc --- PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
Re: Custom Logging and User Tracking
Nothing special to the way these sites work. You can check out http://www.rileyjames.com and http://www.ryanparr.com (the programming on the latter will leave you in awe :) I want to host my sites and have a decent usage statistics location, but I just can't seem to get the logging part down. I've got a long road ahead of me :) For instance, the code below logs the following on entrance to rileyjames.com (setup as PerlFixupHandler): www.rileyjames.com / Wed Feb 13 16:17:15 2002 www.rileyjames.com /index.html Wed Feb 13 16:17:15 2002 www.rileyjames.com /topnavigation.htm Wed Feb 13 16:17:15 2002 www.rileyjames.com /white.htm Wed Feb 13 16:17:15 2002 www.rileyjames.com /green.htm Wed Feb 13 16:17:15 2002 www.rileyjames.com /index1.htm Wed Feb 13 16:17:15 2002 www.rileyjames.com /topnav.css Wed Feb 13 16:17:15 2002 www.rileyjames.com /graphics/redarrow.gif Wed Feb 13 16:17:15 2002 www.rileyjames.com /border.css Wed Feb 13 16:17:15 2002 www.rileyjames.com /text.css Wed Feb 13 16:17:15 2002 www.rileyjames.com /graphics/frontpaglogo.gif Wed Feb 13 16:17:15 2002 The code follows: sub handler { my $r = shift; return DECLINED unless($r-is_main()); # Same behavior when: # return DECLINED unless($r-is_initial_req()); open TRACK, /usr/local/www/usertracker.txt or die Couldn't open log: $!; print TRACK join(\t,($r-hostname,$r-uri,scalar(localtime))),\n; close TRACK; return DECLINED; } -- Ryan - Original Message - From: Ask Bjoern Hansen [EMAIL PROTECTED] To: Ryan Parr [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, February 13, 2002 2:34 PM Subject: Re: Custom Logging and User Tracking On Wed, 13 Feb 2002, Ryan Parr wrote: Unfortunately we do have areas on the site where a link would point directly to a graphic file, which I'd like to log. Otherwise that would work quite well. I had always thought that these extra requests would be subrequests. If not, though, what would be the definition of a sub-request? A subrequest is when during processing of the original request make a new internal request. What you are looking for might be the Referer header; but without knowing more exactly how your site works and what URLs you use, it's hard to tell. - ask -- ask bjoern hansen, http://ask.netcetera.dk/ !try; do(); more than a billion impressions per week, http://valueclick.com
RE: Multiple authentication methods
Cool . . . Thanks for the tip : ) The easiest thing would be to use Config, and do: $module =~ s[::][$Config{'path_sep'}]g; Right? Maybe not : ) When checking on 2 linux systems I got a path seperator of ':'. Can you let me know if you get similar results? I'm getting the same problem here. It seems like $Config{path_sep} has been misunderstood: it gives ':' on Unix and ';' on Windows, so I believe it means the separator between different items in your PATH (/usr/bin:/usr/local/bin etc..). I think what you need is File::Spec. Use this instead: $module = File::Spec-catfile(split /::/, $module); That'll be portable.
Re: Multiple authentication methods
I see. You're right, this is actually much nicer! Sorry for the misinformation. On debian it return : also. I made a mistake checking it. But with the suggested code by Per it works just fine: sub load { my $module=@_[0]; $module = File::Spec-catfile(split /::/, $module); $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } Of course one has to put a use File::Spec at the beginning and a Per Finar Ellefsen Marcel Am Donnerstag den, 14. Februar 2002, um 00:11, schrieb Stathy G. Touloumis: Interesting, one system is RedHat 7.2 and Suse 7.3 (custom built perl) that returns a ':' for $Config{'path_sep'} It returns a arrayref, as far as I experienced. Well I'm really new to mod_perl and my eagle book waits still in the library to be bought... But why is this version not nice? It's fine but I have become much more impressed with the mod_perl configuration features. It provides a much cleaner interface for specifying directives. THIS : Location /test AuthName Test AuthType Basic # These are AuthenSmb specific PerlSetVar myPDC SAMBA PerlSetVar myDOMAIN ARBEITSGRUPPE # With PerlAddVar you pass an array PerlAddVar AuthModules Apache::AuthSybase PerlAddVar AuthModules Apache::AuthenSmb PerlAuthenHandler Apache::AuthMulti require valid-user /Location VS : Location /test AuthName Test AuthType Basic # Now an actual apache conf myPDC SAMBA myDOMAIN ARBEITSGRUPPE # No need to specify twice AuthModules Apache::AuthSybase Apache::AuthenSmb PerlAuthenHandler Apache::AuthMulti require valid-user /Location Of course there will be some minor changes in the module and in the Makefile.PL --- PGP / GPG Key: http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc
RE: Multiple authentication methods
File::Spec is in included with the standard perl mods I believe so dependencies shouldn't be a problem. I see. You're right, this is actually much nicer! Sorry for the misinformation. On debian it return : also. I made a mistake checking it. But with the suggested code by Per it works just fine: sub load { my $module=@_[0]; $module = File::Spec-catfile(split /::/, $module); $module .= '.pm'; eval { require $module; }; return $@ ? 1 : 0; } Of course one has to put a use File::Spec at the beginning and a Per Finar Ellefsen
Re: Custom Logging and User Tracking
On Wed, 13 Feb 2002, Ryan Parr wrote: The code follows: sub handler { my $r = shift; return DECLINED unless($r-is_main()); # Same behavior when: # return DECLINED unless($r-is_initial_req()); open TRACK, /usr/local/www/usertracker.txt or die Couldn't open log: $!; print TRACK join(\t,($r-hostname,$r-uri,scalar(localtime))),\n; close TRACK; return DECLINED; } Hmm, no file locking for something being used by multiple processes? Could be problematic. Is print atomic? Better be sure. Also, if you just open the filehandle once (not in the handler) this'd probably be a bit quicker. And for increased perceived speed have the writing occur in a cleanup handler. -dave /*== www.urth.org we await the New Sun ==*/
Re: Custom Logging and User Tracking
All good points. This code is only to test mod_perl Perl*Handler mechanisms to ensure that I can get the proper log. Once I figure out the necessary routines to do this then I'll integrate it with the rest of my mod, which logs request and session info to a database. -- Ryan - Original Message - From: Dave Rolsky [EMAIL PROTECTED] To: Ryan Parr [EMAIL PROTECTED] Cc: mod_perl list [EMAIL PROTECTED] Sent: Wednesday, February 13, 2002 4:23 PM Subject: Re: Custom Logging and User Tracking On Wed, 13 Feb 2002, Ryan Parr wrote: The code follows: sub handler { my $r = shift; return DECLINED unless($r-is_main()); # Same behavior when: # return DECLINED unless($r-is_initial_req()); open TRACK, /usr/local/www/usertracker.txt or die Couldn't open log: $!; print TRACK join(\t,($r-hostname,$r-uri,scalar(localtime))),\n; close TRACK; return DECLINED; } Hmm, no file locking for something being used by multiple processes? Could be problematic. Is print atomic? Better be sure. Also, if you just open the filehandle once (not in the handler) this'd probably be a bit quicker. And for increased perceived speed have the writing occur in a cleanup handler. -dave /*== www.urth.org we await the New Sun ==*/
mod_perl compile problem
Hi: I'm attempting to make httpd apache-1.3.23 with mod_perl-1.26 and ActiveState Perl 5.6.1 Build 631. This is a simple build with no other modules or EAPI references. Unfortunately, I'm encountering the following error when the compile of the http_core.c routine is attempted: gcc -c -I.. -I/usr/local/ActivePerl-5.6/lib/5.6.1/i686-linux-thread-multi/CO RE -I../os/unix -I../include -DLINUX=22 - I/usr/include/db1 -DDEV_RANDOM=/dev/random -DMOD_PERL -DUSE_PERL_SSI -DUSE_R EENTRANT_API -D_POSIX_C_SOURCE=199506L - _REENTRANT -fno-strict-aliasing -DUSE_HSREGEX -D_XOPEN_SOURCE -DUSE_REENTRA NT_API -D_POSIX_C_SOURCE=199506L - D_REENTRANT -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DMOD_PERL http_core.c http_core.c: In function `default_handler': http_core.c:3775: `caddr_t' undeclared (first use in this function) http_core.c:3775: (Each undeclared identifier is reported only once http_core.c:3775: for each function it appears in.) http_core.c:3775: parse error before mm http_core.c:3839: `mm' undeclared (first use in this function) make[2]: *** [http_core.o] Error 1 make[1]: *** [subdirs] Error 1 make[1]: Leaving directory `/usr/dist/apache_1.3.23/src' make: *** [apache_httpd] Error 2 I was told that building ActiveState from source versus using the RPM would fix the problem but, this did not work. Any suggestions? Below is the entire mod_perl build session: Thanks, RB === mod_perl BUILD SESSION === perl Makefile.PL Configure mod_perl with ../src ? [y] Shall I build httpd in ../src for you? [y] Appending mod_perl to src/Configuration Using config file: /usr/dist/apache_1.3.23/mod_perl-1.26/src/Configuration Creating Makefile + configured for Linux platform + setting C compiler to gcc + setting C pre-processor to gcc -E + checking for system header files + adding selected modules o rewrite_module uses ConfigStart/End + using -lndbm for DBM support enabling DBM support for mod_rewrite o db_auth_module uses ConfigStart/End using Berkeley-DB/3.x for mod_auth_db (-ldb) o digest_auth_module uses ConfigStart/End using /dev/random for the random seed o perl_module uses ConfigStart/End + mod_perl build type: OBJ + setting up mod_perl build environment + id: mod_perl/1.26 + id: Perl/v5.6.1 (linux) [perl] Note (probably harmless): No library found for -lposix + adjusting Apache build environment + enabling Perl support for SSI (mod_include) + using system Expat + checking sizeof various data types + doing sanity check on compiler and options Creating Makefile in support Creating Makefile in regex Creating Makefile in os/unix Creating Makefile in ap Creating Makefile in main Creating Makefile in modules/standard Creating Makefile in modules/experimental Creating Makefile in modules/proxy Creating Makefile in modules/example Creating Makefile in modules/perl EXTRA_CFLAGS: -DLINUX=22 -I/usr/include/db1 -DDEV_RANDOM=/dev/random -DMOD_P ERL -DUSE_PERL_SSI -DUSE_REENTRANT_API -D_POSIX_C_SOURCE=199506L -D_REENTRAN T -fno-strict-aliasing -DUSE_HSREGEX PerlDispatchHandler.disabled (enable with PERL_DISPATCH=1) PerlChildInitHandlerenabled PerlChildExitHandlerenabled PerlPostReadRequestHandler..disabled (enable with PERL_POST_READ_REQUEST=1) PerlTransHandlerdisabled (enable with PERL_TRANS=1) PerlHeaderParserHandler.disabled (enable with PERL_HEADER_PARSER=1) PerlAccessHandler...disabled (enable with PERL_ACCESS=1) PerlAuthenHandler...disabled (enable with PERL_AUTHEN=1) PerlAuthzHandlerdisabled (enable with PERL_AUTHZ=1) PerlTypeHandler.disabled (enable with PERL_TYPE=1) PerlFixupHandlerdisabled (enable with PERL_FIXUP=1) PerlHandler.enabled PerlLogHandler..disabled (enable with PERL_LOG=1) PerlInitHandler.disabled (enable with PERL_INIT=1) PerlCleanupHandler..disabled (enable with PERL_CLEANUP=1) PerlRestartHandler..disabled (enable with PERL_RESTART=1) PerlStackedHandlers.disabled (enable with PERL_STACKED_HANDLERS=1) PerlMethodHandlers..disabled (enable with PERL_METHOD_HANDLERS=1) PerlDirectiveHandlers...disabled (enable with PERL_DIRECTIVE_HANDLERS=1) PerlTableApidisabled (enable with PERL_TABLE_API=1) PerlLogApi..disabled (enable with PERL_LOG_API=1) PerlUriApi..disabled (enable with PERL_URI_API=1) PerlUtilApi.disabled (enable with PERL_UTIL_API=1) PerlFileApi.disabled (enable with PERL_FILE_API=1) PerlConnectionApi...enabled PerlServerApi...enabled PerlSectionsdisabled (enable with PERL_SECTIONS=1) PerlSSI.disabled (enable with PERL_SSI=1) Will run tests as User: 'nobody' Group: 'root'
Re: mod_perl compile problem
From: OCNS Consulting [EMAIL PROTECTED] I'm attempting to make httpd apache-1.3.23 with mod_perl-1.26 and ActiveState Perl 5.6.1 Build 631. Am I hearing you right, you're using an ActiveState Perl on Linux? --- Rodney Broom Programmer: Desert.Net
RE: mod_perl compile problem
Yes. R. Beazley -Original Message- From: Rodney Broom [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 7:55 PM To: OCNS Consulting; [EMAIL PROTECTED] Subject: Re: mod_perl compile problem From: OCNS Consulting [EMAIL PROTECTED] I'm attempting to make httpd apache-1.3.23 with mod_perl-1.26 and ActiveState Perl 5.6.1 Build 631. Am I hearing you right, you're using an ActiveState Perl on Linux? --- Rodney Broom Programmer: Desert.Net
Re: Custom Logging and User Tracking
I checked it out and it's a good mod. I've already got the ability to log the data however. The issue that I'm having is that I can't seem to only get 1 log per hit. I can't seem to get around the fact that wherever I put my mod (PerlFixupHandler,PerlHandler,PerlLogHandler) or whatever statement I use ($r-is_main(), $r-is_initial_req()) I'm getting not only the requested page but every other request from the inital request. For instance, I'm getting and logging every graphic, css, javascript, or any other file that's linked in. But for my user tracking I want *just* the initial request, not that and all subrequests. I just can't seem to figure out how to do that. $r-is_main() and $r-is_initial_req() return true for everything. KeepAlive is on. This happens with MSIE, Netscape, Lynx, Opera I would assume Konquerer too. I know that I have to be missing something pretty basic, I'm new to programming in mod_perl. -- Ryan - Original Message - From: Andrew Moore [EMAIL PROTECTED] To: Ryan Parr [EMAIL PROTECTED] Cc: mod_perl list [EMAIL PROTECTED] Sent: Wednesday, February 13, 2002 5:00 PM Subject: Re: Custom Logging and User Tracking On Wed, Feb 13, 2002 at 04:42:02PM -0800, Ryan Parr wrote: All good points. This code is only to test mod_perl Perl*Handler mechanisms to ensure that I can get the proper log. Once I figure out the necessary routines to do this then I'll integrate it with the rest of my mod, which logs request and session info to a database. -- Ryan You might check out Ask's Apache::DBILogger module. It's pretty simple source, so you can make it log whatever you like pretty easily. -Andy
RE: mod_perl compile problem
Yes. R. Beazley -Original Message- From: Rodney Broom [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 7:55 PM To: OCNS Consulting; [EMAIL PROTECTED] Subject: Re: mod_perl compile problem From: OCNS Consulting [EMAIL PROTECTED] I'm attempting to make httpd apache-1.3.23 with mod_perl-1.26 and ActiveState Perl 5.6.1 Build 631. Am I hearing you right, you're using an ActiveState Perl on Linux? --- Rodney Broom Programmer: Desert.Net
Re: Perl Section Bug?
On Wed, 2002-02-13 at 13:44, David Wheeler wrote: On Fri, 2002-02-08 at 20:25, Salvador Ortiz Garcia wrote: Yes, It's a bug in Perl Sections. Confirmed in 1.26. snip / I'm digging into it. Thanks. I'm glad to know that I'm not imagining things. We've just found a place in Bricolage where the Location directive *does* work as expected. So you're right -- it's worse. Ugh. Thanks, David Ok, I found it. Right now all Location, Directory and Files are afected by being upgraded at random to the Match versions. Can you please test the following patch for perl_config.c: === --- perl_config.c Tue Jul 10 20:47:15 2001 +++ perl_config.c.new Wed Feb 13 22:40:27 2002 @@ -1166,6 +1166,7 @@ char *tmpkey; I32 tmpklen; SV *tmpval; +void *old_info = cmd-info; (void)hv_iterinit(hv); while ((tmpval = hv_iternextsv(hv, tmpkey, tmpklen))) { char line[MAX_STRING_LEN]; @@ -1195,6 +1196,7 @@ if(errmsg) log_printf(cmd-server, Perl: %s, errmsg); } +cmd-info = old_info; /* Emulate the handling of end token for the section */ perl_set_config_vectors(cmd, cfg, core_module); } @@ -1511,9 +1513,7 @@ void *dummy = perl_set_config_vectors(cmd, config, core_module); void *old_info = cmd-info; -if (strstr(key, Match)) { - cmd-info = (void*)key; -} +cmd-info = (void*)strstr(key,Match); if(strnEQ(key, Location, 8)) perl_urlsection(cmd, dummy, hv); === Right now I'm working in a more radical patch to fix other minor problems related to Perl sections handling. Regards Salvador Ortiz.