Re: Proxy authentication against a mod_perl backend - how?
On Mon, 1 Apr 2002, Fury wrote: I've recently reconfigured a web server to use the front-end proxy/back-end mod_perl configuration. One application runs happily on the mod_perl server, with static content being served from the proxy, and dynamic requests forwarded to the backend. However, I have a request to insert a bunch of static content onto the proxy server, which is fine. As an added requirement, the content is to be protected. Now, I could just use the standard Apache access files, but they're ugly, and get slow as they grow. Ideally, I'd like to use the backend database to hold the user information used for authentication. How can I configure the proxy (which doesn't have mod_perl) to authenticate against the back end? My first thoughts were to use mod_proxy to forward requests for /protected/login to the backend, where the authentication will be done. Then, just redirect the request to another URL behind /protected. The authentication information should be passed as part of the request, should it not? I'd also reverse proxy the URL's - I don't think this would work if I didn't. mod_accel can do such authorization with directive AccelRevalidateUser. Authorization can be done via HTTP Basic authorization or cookie. If directive is active the following happens: 1. if there is no cached response then it request is passed to backend; 2 if backend reponses with 200 code then reponse is cached; 3. if there is cached reponse then request is passed to backend with If-Modified-Since header that set to Last-Modified header of cached reponse; 4. if backend reponses with code 304 or 200 then cached or received reponse send to client; 5. if backend reponses with any other codes then reponse send to client but cached reponse is not deleted. But this feature is usefull only if backend authorization and 304 (Not Modified) generating is cheaper then full reponse (200) generating. Igor Sysoev igor sysoev.ru
Re: Any way to run two versions of the same perl classes at the sametime?
Thomas Burkholder wrote: Hi there- I've reached a point where I've released a stable version of my project (areaj, at www.areaj.org) with a demo server (www.areaj.org/areaj) but I want to continue development work on the same machine. But, obviously the new and old versions of the code live in an identical namespace - so I don't see a way to run both servers under the same apache installation. I can't just use StatINC and change the code dynamically, because that will create an unpredictable and bug-prone experience for the people using the production server (I want folks using the production server to see the existing product anyway, not what I'm developing on). Does anyone know of an easy way to solve this with apache/mod_perl, without running on two different servers? Locating the code isn't a problem; I already deliver the code to a custom location in the user's home dir. I just don't know how to get two apaches to run that read the different versions of the code. This issue has been discussed many times here, you may want to read the archives, but since you don't need the solution for the production server Apache::PerlVINC should satisfy you:http://perl.apache.org/guide/modules.html#Apache_PerlVINC_Allows_Module mod_perl 2.0 has this problem solved (when it's released) __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
Re: general timeout for mod_perl scripts?
Perrin Harkins wrote: i would like to prevent any of my mod_perl scripts from running longer than 5 seconds. is there an elegant way to make a general timeout that does not require changing all my scripts? i run both Registry and Mason scripts in my environment. You could try setting an alarm in a fixup handler. But if you're just trying to prevent runaway servers, I'd suggest Apache::Resource. or Apache::Watchdog::RunAway __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
Re: Any way to run two versions of the same perl classes at the sametime?
Hi! You can use this method. Run another apache server in port 8080 (for example) You can't change dir when move script to front server. See - http://www.my_server.com:80/index.html (or http://www.myold.com/index.html) http://www.my_server.com:8080/index.html - developer server. Vlad Chubuk Stas Bekman wrote: Thomas Burkholder wrote: Hi there- I've reached a point where I've released a stable version of my project (areaj, at www.areaj.org) with a demo server (www.areaj.org/areaj) but I want to continue development work on the same machine. But, obviously the new and old versions of the code live in an identical namespace - so I don't see a way to run both servers under the same apache installation. I can't just use StatINC and change the code dynamically, because that will create an unpredictable and bug-prone experience for the people using the production server (I want folks using the production server to see the existing product anyway, not what I'm developing on). Does anyone know of an easy way to solve this with apache/mod_perl, without running on two different servers? Locating the code isn't a problem; I already deliver the code to a custom location in the user's home dir. I just don't know how to get two apaches to run that read the different versions of the code. This issue has been discussed many times here, you may want to read the archives, but since you don't need the solution for the production server Apache::PerlVINC should satisfy you:http://perl.apache.org/guide/modules.html#Apache_PerlVINC_Allows_Module mod_perl 2.0 has this problem solved (when it's released) __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
DBI: selectall_hasref incompatibility
Got a slight problem here.. Does anyone know why there was at some point a major change in the return value for DBI::selectall_hashref? And is there a depricated method which still uses the original prototype? My problem: --- Using DBI V1.19 on my box, the reported prototype is: selectall_hashref $ary_ref = $dbh-selectall_hashref($statement); $ary_ref = $dbh-selectall_hashref($statement, \%attr); $ary_ref = $dbh-selectall_hashref($statement, \%attr, bind_values So i wrote shiney happy code and tried it on our production box. On the Production box, using DBI V1.21, the given prototype is: selectall_hashref $hash_ref = $dbh-selectall_hashref($statement, $key_field); $hash_ref = $dbh-selectall_hashref($statement, $key_field, \%attr); $hash_ref = $dbh-selectall_hashref($statement, $key_field, \%attr, bind_values); hmm.. I sware that I saw something similar about a year ago. I don't want to go about rewriting code, so has anyone found some secret undocumented method which still use the original prototype. TIA, fiq __ __ _ __ __ | \/ | ___ __| | ___ _ __ _ __ | \/ | __ _ _ __ | |\/| |/ _ \ / _` |/ _ \ '__| '_ \| |\/| |/ _` | '_ \ | | | | (_) | (_| | __/ | | | | | | | | (_| | | | | |_| |_|\___/ \__,_|\___|_| |_| |_|_| |_|\__,_|_| |_| a pathetic example of his organic heritage - Bad Religion
Re: DBI: selectall_hasref incompatibility
Fixed it with common sense - using values %$result to get back my original struct. Time to upgrade DBI. Cheers anyway. And a great big nasty insult to the wonderful guy who went and made the selectall_hashref method do what it logically sounds like it should do. ;) fiq On Tue, 2 Apr 2002, Rafiq Ismail (ADMIN) wrote: Got a slight problem here.. Does anyone know why there was at some point a major change in the return value for DBI::selectall_hashref? And is there a depricated method which still uses the original prototype? My problem: --- Using DBI V1.19 on my box, the reported prototype is: selectall_hashref $ary_ref = $dbh-selectall_hashref($statement); $ary_ref = $dbh-selectall_hashref($statement, \%attr); $ary_ref = $dbh-selectall_hashref($statement, \%attr, bind_values So i wrote shiney happy code and tried it on our production box. On the Production box, using DBI V1.21, the given prototype is: selectall_hashref $hash_ref = $dbh-selectall_hashref($statement, $key_field); $hash_ref = $dbh-selectall_hashref($statement, $key_field, \%attr); $hash_ref = $dbh-selectall_hashref($statement, $key_field, \%attr, bind_values); hmm.. I sware that I saw something similar about a year ago. I don't want to go about rewriting code, so has anyone found some secret undocumented method which still use the original prototype. TIA, fiq __ __ _ __ __ | \/ | ___ __| | ___ _ __ _ __ | \/ | __ _ _ __ | |\/| |/ _ \ / _` |/ _ \ '__| '_ \| |\/| |/ _` | '_ \ | | | | (_) | (_| | __/ | | | | | | | | (_| | | | | |_| |_|\___/ \__,_|\___|_| |_| |_|_| |_|\__,_|_| |_| a pathetic example of his organic heritage - Bad Religion
Re: Closer to installation
John, when debugging problems one should closely watch the error_log file (usually open with tail -f). It always tells you what the problem is. So what does it say with your latest problem? __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
Re: Be carefull with apache 1.3.24
Did not tested with that one... I was having problems with cookies only... Or so I thought :) On Mon, Apr 01, 2002 at 11:22:10PM +0200, Eric Cholet wrote: --On lundi 1 avril 2002 17:12 +0100 Pedro Melo Cunha [EMAIL PROTECTED] wrote: It seems to be fixed in CVS Haven't tried it yet... As far as I can tell the chunked response bug hasn't been fixed yet. Best regards, On Fri, Mar 29, 2002 at 01:26:43PM -0500, John Siracusa wrote: On 3/29/02 1:11 PM, John Siracusa wrote: On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: Looking at the change log, they mention a bug that multiple set-cookie's will fail (only the last one will be sent to the client, the proxy will eat the others). And it was true... The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. This was a show-stopper for my application. So I sat down, read the proxy code, and made a patch to solve the bug. Applied the attached patch to 1.3.24, but it complained: --- % patch -i ../mod_proxy_patch.diff src/modules/proxy/proxy_http.c patching file src/modules/proxy/proxy_http.c Reversed (or previously applied) patch detected! Assume -R? [n] y --- I'm not sure what that means Heh, n e v e r m i n d... :) Anyway, now that I have patched, working versions, what's the status on apache.org fixing this bug in the real distribution? -John -- Pedro Melo Cunha - [EMAIL PROTECTED] Novis Telecom, S.A. - Dir. Rede - ISP http://www.novis.pt/ Edifício Novis - Estrada da Outurela, 118 - 2795-606 Carnaxide tel: +351 21 0104340 - fax: +351 21 0104301 -- Eric Cholet Logilune -- Pedro Melo Cunha - [EMAIL PROTECTED] Novis Telecom, S.A. - Dir. Rede - ISP http://www.novis.pt/ Edifício Novis - Estrada da Outurela, 118 - 2795-606 Carnaxide tel: +351 21 0104340 - fax: +351 21 0104301
Re: SSL Installation Questions - Help
On Sat, Mar 09, 2002 at 10:12:32AM -0800, Kirk Rogers wrote: Hi all, So I went ahead and tried to install apache-ssl and am following the instructions to the T. I've acquired: mod_perl-1.26.tar.gz openssl-0.9.6c.tar.gz apache_1.3.22.tar.gz apache_1.3.22+ssl_1.47.tar.gz Man this is terrible. Having to compile, install, integrate everything yourself is a huge waste of time. Your are duplicating all the efforts put in by the distributions, for zero added value. Plus you've got an upgrade nightmare waiting for you. -- THESEE: Vous deviez le rendre moins volage ; Comment souffriez-vous cet horrible partage ? (Phèdre, J-B Racine, acte 5, scène 3)
Re: SSL Installation Questions - Help
On Sat, Mar 09, 2002 at 10:12:32AM -0800, Kirk Rogers wrote: Hi all, So I went ahead and tried to install apache-ssl and am following the instructions to the T. I've acquired: mod_perl-1.26.tar.gz openssl-0.9.6c.tar.gz apache_1.3.22.tar.gz apache_1.3.22+ssl_1.47.tar.gz Man this is terrible. Having to compile, install, integrate everything yourself is a huge waste of time. Your are duplicating all the efforts put in by the distributions, for zero added value. Plus you've got an upgrade nightmare waiting for you. It is quite easy actually. do it this way build and install open_ssl untar apache in /usr/src ln -s apache_version apache cp apache_1.3.22+ssl_1.47.tar.gz into the apache directory untar apache_1.3.22+ssl_1.47.tar.gz run ./FixPatch If you wish to use mod_so or any of the other non-standard modules rm src/Configuration rm src/Configuration.apaci edit src/Configuration.tmpl as required i.e. for mod_rewrite, mod_so, etc -- untar mod_perl distribution in the mod perl source directory, ... perl Makefile.PL \ APACHE_SRC=/usr/src/apache/src \ DO_HTTPD=1 \ USE_APACI=1 \ PREP_HTTPD=1 \ EVERYTHING=1 \ make make test # broken make install in apache directory ./configure --with-layout=Apache \ --activate-module=src/modules/perl/libperl.a make make install
Re: SSL Installation Questions - Help
Hello, LDMHaving to compile, install, integrate everything yourself is a huge LDMwaste of time. Your are duplicating all the efforts put in by the LDMdistributions, for zero added value. Huh? Having control over what modules go into your Apache, plus having one compiled on your machine for your version, is zero added value? I think most people on this list would disagree with you. Most of us who depend on Apache build our own for one reason or another. You can generally make an Apache that fulfills your needs and no more which consumes less memory and has less dependencies than a prebuilt binary from somewhere. And being tied to a vendor release schedule probably qualifies as far more of an upgrade nightmare than having to occasionally pull out the text file where you put your build procedure. Humbly, Andrew -- Andrew Ho http://www.tellme.com/ [EMAIL PROTECTED] Engineer [EMAIL PROTECTED] Voice 650-930-9062 Tellme Networks, Inc. 1-800-555-TELLFax 650-930-9101 --
Modperl Footers/Headers
Okay I've got an FBSD4.5 box with apache-1.3.24 with mod_perl1.26 I need to add a canned Footer to every page except one (toc.html). This includes Location handlers, .cgi, .pl, .s?html http://modperl.com:9000/perl_conference/cool_tricks/mp_footer.html I saw that... but this doesn't work since .cgi, .pl files don't get processed just read and output. (Works great for .html files though) I think I may need to do something with Apache::OuputChain but I don't know what. Anywhere I should read that I'm missing ? Thanks for the help. END -- Philip M. Gollucci (p6m7g8) [EMAIL PROTECTED] 301.314.3118 301.646.3011 Science, Discovery, the Universe (UMCP) Webmaster Webship Teacher URL: http://www.sdu.umd.edu EJournalPress.com Database/PERL Programmer System Admin URL : http://www.ejournalpress.com Homepage: http://p6m7g8.com Resume : http://p6m7g8.com/Work/index.html Software: http://p6m7g8.com/Developement/
Re: Apache::DBI or What ?
Hi! Thanks a lot for this. I am not sure now if I will be able to use it. I am afraid that if I do I will suddenly become its main supporter :) I also still don't see how a connection can be reconnected at such a high level. Even when I looked into the mySQL C api I didn't see anything that would help, which ment that the real stuff was barried deeper still. But the caching of connection handles makes sense, and that might still be worth while. Between this and mod_accel I have a lot to mess with. Thanks, Eric At 01:52 PM 3/30/02 -0500, Hank Leininger wrote: On 2002-03-27, Eric Frazier [EMAIL PROTECTED] wrote: If you have any idea where to find this code I would be thankful. I can only find this.. [snip] At 04:47 PM 3/26/02 -0500, John D Groenveld wrote: Jeff Horn posted this a couple years ago either here or @ dbi-users # Purpose: This version of Apache::DBI maintains a SINGLE persistent # connection to each database. When the user changes on Ask and ye shall receive ;) http://marc.theaimsgroup.com/?l=apache-modperlm=96614841600181w=2 Or just grab the last attachment, which is the replacement DBI.pm: http://marc.theaimsgroup.com/?l=apache-modperlm=96614841600181q=p6 -- Hank Leininger [EMAIL PROTECTED] http://www.kwinternet.com/eric (250) 655 - 9513 (PST Time Zone) Learn about the net, not the .Net!
Re: Apache::DBI or What ?
Eric Frazier wrote: I also still don't see how a connection can be reconnected at such a high level. It can't, unless your database specifically supports the command reauthenticate. Oracle does, which is what he wrote this for, but I don't think it's a standard part of SQL syntax so it will probably not work with MySQL. Of course MySQL connects really quickly, so you can probably get perfectly good performance without using Apache::DBI at all. - Perrin
Re: Closer to installation
Hi Stas, I have been watching my error_log. Here is what I have found so far (in a nut shell): mod_perl and php4 cannot co-exist. I have documented as best I can my findings in hopes that someone can 'fix' this problem: mod_perl only: - building Apache configure \ --enable-module=info \ --enable-module=status \ --activate-module=src/modules/perl/libperl.a \ --enable-module=perl \ --prefix=/usr/local/apache httpd.conf no LoadModules no AddModules apachectl start ---error log [Tue Apr 2 17:16:47 2002] [notice] Apache/1.3.23 (Unix) mod_perl/1.26 configured -- resuming normal operations [Tue Apr 2 17:16:47 2002] [notice] Accept mutex: sysvsem (Default: sysvsem) available mod_perl no SSL no PHP mod_perl and SSL: building Apache SSL_BASE=../openssl-0.9.6b \ configure \ --enable-module=info \ --enable-module=status \ --enable-module=proxy \ --enable-shared=proxy \ --enable-module=ssl \ --enable-shared=ssl \ --activate-module=src/modules/perl/libperl.a \ --enable-module=perl \ --prefix=/usr/local/apache httpd.conf LoadModule ssl_module libexec/libssl.so LoadModule perl_module libexec/libperl.so AddModules mod_ssl.c AddModules mod_perl.c apachectl start ---error log [Tue Apr 2 18:01:35 2002] [notice] Apache/1.3.23 (Unix) mod_perl/1.26 mod_ssl/2.8.7 OpenSSL/0.9.6b configured -- resuming normal operations [Tue Apr 2 18:01:35 2002] [notice] Accept mutex: sysvsem (Default: sysvsem) available mod_perl SSL no PHP mod_perl and SSL and php4: - building Apache same configuration httpd.conf LoadModule ssl_module libexec/libssl.so LoadModule perl_module libexec/libperl.so LoadModule php4_module libexec/libphp4.so AddModules mod_ssl.c AddModules mod_perl.c AddModules mod_php4.c apachectl start ---error log [Tue Apr 2 17:49:09 2002] [notice] Apache/1.3.23 (Unix) mod_perl/1.26 PHP/4.0.6 mod_ssl/2.8.7 OpenSSL/0.9.6b configured -- resuming normal operations [Tue Apr 2 17:49:09 2002] [notice] Accept mutex: sysvsem (Default: sysvsem) available - nothing The document contained no data appears in place of any web page ---error log [Tue Apr 2 17:49:40 2002] [notice] child pid 17034 exit signal Segmentation fault (11) Hope this helps. Thanks. John Kolvereid --- Stas Bekman [EMAIL PROTECTED] wrote: John, when debugging problems one should closely watch the error_log file (usually open with tail -f). It always tells you what the problem is. So what does it say with your latest problem? __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com __ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/
install test fails
Redhat Linux 7.2 Apache 1.3.24 Perl 5.6.1 mod-perl-1.26 make test fails with result: /usr/bin/perl t/TEST 0 Can't locate object method new via package URI::URL (perhaps you forgot to load URI::URL?) at ../blib/lib/Apache/test.pm line 252. make: *** [run_tests] Error 255 typescript with complete output follows: Any clues greatly appreciated. Thanks! __ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ typescript.old Description: typescript.old
Re: Closer to installation
John Kolvereid wrote: Hi Stas, I have been watching my error_log. Here is what I have found so far (in a nut shell): mod_perl and php4 cannot co-exist. I have documented as best I can my findings in hopes that someone can 'fix' this problem: John, we are going in circles here: apachectl start ---error log [Tue Apr 2 17:49:09 2002] [notice] Apache/1.3.23 (Unix) mod_perl/1.26 PHP/4.0.6 mod_ssl/2.8.7 OpenSSL/0.9.6b configured -- resuming normal operations [Tue Apr 2 17:49:09 2002] [notice] Accept mutex: sysvsem (Default: sysvsem) available - nothing The document contained no data appears in place of any web page ---error log [Tue Apr 2 17:49:40 2002] [notice] child pid 17034 exit signal Segmentation fault (11) All I wanted is this logged message explaining why the page wasn't served. We have it now (you posted this earlier as well) Now please reread my earlier replies to you explaining how to get a core file dumped when Segfault happens and how to send to the modperl a backtrace, which will help to identify the problem. The debug is actually an easy thing to do: you have a problem with the script not doing the job 1. you go to the error_log file 1a. it's either a broken script, which you fix 1b. or it's a segfault 2. if it's a segfault you need to get the core file 3. you use gdb to get the backtrace from the core file (see the SUPPORT file) 4. you try to understand what the problem is by looking at the trace. if you don't understand it you send it to the list using the bugreport.pl script. __ Stas BekmanJAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
cvs commit: modperl STATUS
geoff 02/04/02 07:10:02 Modified:.STATUS Log: add Win32 specific build problem, with a pointer to Randy's patch Revision ChangesPath 1.14 +8 -1 modperl/STATUS Index: STATUS === RCS file: /home/cvs/modperl/STATUS,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- STATUS24 Mar 2002 23:54:32 - 1.13 +++ STATUS2 Apr 2002 15:10:02 - 1.14 -1,5 +1,5 mod_perl 1.3 STATUS: - Last modified at [$Date: 2002/03/24 23:54:32 $] + Last modified at [$Date: 2002/04/02 15:10:02 $] Release: -9,6 +9,13 Available Patches: + +* Win32 build problems with spaces in shell arguments +Report: http://marc.theaimsgroup.com/?l=apache-modperlm=101681938513575w=2 + Status: + patch available at + http://marc.theaimsgroup.com/?l=apache-modperlm=101729204503165w=2 + Needs Patch or Further Investigation
