RE: Minor issue with AuthenNTLM
-Message d'origine- De : André Warnier [mailto:a...@ice-sa.com] Envoyé : jeudi, 29. mars 2012 11:00 À : mod_perl list Objet : Re: Minor issue with AuthenNTLM Michiel Beijen wrote: Hi, IP schreef op 2012-03-27 16:03: I've successfuly managed to make AuthenNTLM work with my PHP script, but the for some reason the Apache error log is now flooded with messages like: [error] Bad/Missing NTLM/Basic Authorization Header for /somefile.php This is actually reported as a (very old) bug in the RT queue for the module: https://rt.cpan.org/Public/Bug/Display.html?id=39602 I was considering forking the module and fixing bugs like these, but I am not quite sure how much sense that makes given the fact that NTLM is deprecated technology. Huh ? Who said that ? To my knowledge, 99% of large corporations use NTLM (Windows Domain Authentication) as their basic AAA mechanism. If I remember correctly, Apache2::AuthenNTLM only supports NTLMv1, and recent versions of Windows require NTLMv2 by default (but apparently you can force it back to v1 by deploying some policies on the workstations). About forking the module .. I also considered that option a few years ago; fixing the bug mentioned above would be convenient, and adapting for NTLMv2 would be great ... but I gave up because it seemed very hard to grasp the logic and be able to modify it. The only thing I could come up with was Apache2::AuthenNTLM::Cookie, which keeps the identity in a cookie so that the NTLM handshake occurs only once ... and therefore you have less messages in your Apache log. Another bug with Apache2::AuthenNTLM is that it uses a semaphore for mutual exclusion; I'm not even sure that this semaphore is really necessary, but anyway sometimes there is a deadlock and requests have to wait for 30 or 40 seconds without reason. For the future, the way to go is Kerberos; this is what Microsoft is pushing in replacement for NTLM.
RE: Strawberry perl + mod_perl (call for testers)
-Message d'origine- De : Michael Ludwig [mailto:mil...@gmx.de] Envoyé : vendredi, 9. juillet 2010 22:16 À : modperl@perl.apache.org Objet : Re: Strawberry perl + mod_perl (call for testers) ... Relevant or not, this story makes me ask the following questions: Are there any people on this list using mod_perl 2.0 on Windows? Do you have any positive or negative experiences to share? I used to have a Win32 Apache2+mod_perl 2.0 stack with about 400 intranet users. Now the production server is on Unix, but I still use win32 for some development tasks, so I'm very happy that kmx now releases a distribution for Strawberry Perl. To answer the question, the experience is positive, so far I never encountered any problems that would be specific to win32. Laurent Dami
RE: mod_perl2 + fork + DBI = Chaos
-Message d'origine- De : Tosh Cooey [mailto:t...@1200group.com] Envoyé : lundi, 25. janvier 2010 17:08 À : modperl@perl.apache.org Objet : mod_perl2 + fork + DBI = Chaos My application-from-hell is doing odd things probably related to the above storms and culminating in a perfect storm. Can anyone point me to resources outlining the best way to use the combination in the subject line? See the DBI doc under InactiveDestroy; there are some words of advice about forks. But anyway, as said in that doc, passing a dbh across a fork is not supported by all drivers. In particular if your ..parent things.. also includes some access to the dbh, then you might enter into nasty concurrency problems, and that might force you to change the architecture of your app ... Good luck anyway! Laurent Dami
wrote Authen module dealing with cookies : now POST requests get corrupted. Any advice ?
Hi everybody, I recently wrote an extension to Apache2::AuthenNTLM in order to store the NTLM authentified username in a cookie (module http://search.cpan.org/dist/Apache2-AuthenNTLM-Cookie/). Now I found out that this module has a critical bug : the content of POST requests gets corrupted (bug http://rt.cpan.org/Ticket/Display.html?id=36847). I don't really know where to start to fix the bug. My hypothesis is that perhaps this is because I'm using Apache2::Cookie, which itself uses libaprequest, and maybe these modules are not meant to be used in an early Apache phase, and leave the input stream in an buggy state. I looked at a couple of other authentication modules using cookies, but they don't seem to use the Apache2::Cookie API. Is that the hypothesis correct ? Does anybody have good advice on that problem ? Thanks in advance, Laurent Dami
mod_perl PPM missing Apache2::Reload
-Message d'origine- De : Randy Kobes [mailto:[EMAIL PROTECTED] Envoyé : jeudi, 21. février 2008 03:56 [snip] As there's been several requests for this, I've put up an ActivePerl 10xx ppm package of mod_perl2, based on the current svn sources, at http://cpan.uwinnipeg.ca/PPMPackages/10xx/ which you can install via C:\ ppm install http://cpan.uwinnipeg.ca/PPMPackages/10xx/mod_perl.ppd There's also a ppm package of libapreq2 (which supplies, amongst other things, Apache2::Request and Apache2::Cookie) in the same repository. Please let me know if you have any problems installing these - thanks. Both these packages are based on Apache/2.2, and hence are incompatible with Apache/2.0. If you're using Apache/2.0 and would like a ppm package, let me know and I'll make one up. -- best regards, Randy Kobes Hi Randy, Thanks a lot, seems to work fine (but I didn't test very extensively yet). Just one small bug in the PPM : the ppd file mentions Apache2::Reload, but this is not included in the tar.gz file. So I had to manually install it. best regards, Laurent Dami
mod_perl / Perl5.10 / Win32 ?
Hi all, I don't know where to find answers to the following questions, so better ask the list : - 1) is modperl2 currently compatible with Perl 5.10 ? If not, are some people working on it ? For which target date ? - 2) if the answer is YES, then did anybody compile it into a PPM for Win32 ? Didn't find it at ActiveState nor at uwinnipeg. Thanks in advance, Laurent Dami
RE: REST
-Message d'origine- De : Beginner [mailto:[EMAIL PROTECTED] Envoyé : mardi, 27. novembre 2007 18:49 À : modperl@perl.apache.org Objet : REST Hi, I hope this isn't a dumb question. I want to try and create a small REST style installation and was considering how to overcome the problem of urls in the form http://www.myfactory.com/parts/1234 The resource after /parts could in theory be any number but you would not want to have a Location for each part that existed. Rather you'd want the handler responsible for /parts to check your db and return either content or 400. On the face of it this is the sort of thing mod_perl should excel at. Does it? Can you intercept requests like this one above? Which API methods should I be looking at? TIA, Dp. This is the sort of things that Catalyst would excel at, especially if you have several nesting levels (i.e. parts/1234/subpart/567/form). See Catalyst doc at http://search.cpan.org/~jrockway/Catalyst-Manual-5.701003/lib/Catalyst/Manual/Intro.pod. But if you don't need that complexity, you can easily do it in mod_perl : configure Apache with something like LocationMatch /parts/\d+$ SetHandler modperl PerlResponseHandler My::Parts::Handler /LocationMatch and then have your module My::Parts::Handler parse the URL and get to the part number. Good luck, L. Dami
RE: Checking for group membership in a mod perl handler.
I want to use a perl module to check group membership. Specifically I want to check the department property in our active directory, and use this to allow or deny access. Writing Perl code that gets this info from the AD is not the problem. My problem is that its not clear to me how to tie this code in the whole apache processing. Do I need to write a PerlAuthzHandler? Or something else? Hi Krist, You already have the answer : what you need is a PerlAuthzHandler. See the example in http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthzHandler . Your handler code can use Apache2::Access::requires to find out about require directives for this request, and then use that info to ask your AD server. Best regards, Laurent Dami
unable to prepend directories in front of @INC (MP2, Windows, Kobes distribution)
Title: unable to prepend directories in front of @INC (MP2, Windows, Kobes distribution) Hi everybody, I'm unable to prepend directories in front of @INC while starting Apache/ModPerl (using Randy Kobes distribution for Windows, Embedded Perl version v5.8.7 for Apache/2.0.54, ModPerl 2) I tried the following : use lib /my/private/lib in startup.pl unshift @INC, /my/private/lib in startup.pl PerlSetEnv PERL5LIB /my/private/lib in perl.conf In all cases, /my/private/lib ends up in second position in @INC, after C:/perl/site/lib. I need it to go BEFORE. Anybody has a hint ? Thanks in advance, L. Dami