Antwort: Re: AW: Apache Prozesse unter Windows Server 2003
Unable to allocate 90112 bytes Könnte das nicht heißen, daß der Prozessspeicher voll ist? Win 32 hat bekanntlich die 2GB Grenze, wobei in manchen Fällen diese Grenze sogar noch weiter unten ist und hier glaube ich bei so einer großen Anzahl von Threads könnte das 2GB Limit erreicht werden. lg Dietmar Henk Strobel/netwood [EMAIL PROTECTED] am 20.01.2006 11:00:24 Bitte antworten an users-de@httpd.apache.org An: users-de@httpd.apache.org Kopie: Thema: Re: AW: Apache Prozesse unter Windows Server 2003 Guten Morgen, - Wie steht's mit MaxKeepAliveRequests und KeepAliveTimeout? Ersteres scheine ich schon mal hochgesetzt zu haben: # geaendert 20051128, war: 100 MaxKeepAliveRequests 1000 KeepAliveTimeout 15 - Was steht im error.log fuer die Zeiten wo die Probleme auftreten? Nichts, aber sporadisch (zu anderen Zeiten) treten solche Fehler auf: FATAL: erealloc(): Unable to allocate 90112 bytes [Tue Jan 17 22:15:03 2006] [notice] Parent: child process exited with status 1 -- Restarting. Danach läuft offenbar aber alles normal weiter, access-Log ist zu diesen Zeiten unauffällig... - Gibt's Informationen zur warteschlangenaus- lastung? Wie komme ich da ran? Vielen Dank und viele Grüße Henk Strobel Heinrich C. Kuhn schrieb: Betreiben hier Apache auf ziemlich aehnlicher Basis. Ohne Probleme. Bedim Blick auf die http.conf: folgende Fragen/Anregungen: - Wie steht's mit MaxKeepAliveRequests und KeepAliveTimeout? (die habe ich beide hier deutlich hochgesetzt) - Was steht im error.log fuer die Zeiten wo die Probleme auftreten? - Aussergewoenliche Eintraege im access.log fuer diese Zeiten (gosse Uploads, Hacker- Angriffsversuche o.dgl.?) - Gibt's Informationen zur warteschlangenaus- lastung? HTH hck Hallo, hier die Teile der httpd.conf, die ich für relevant halte: [...] IfModule mpm_winnt.c # geaendert auf 1000 20051128, war: 250 # geaendert auf 5000 20060118 ThreadsPerChild 5000 #ThreadLimit 5000 MaxRequestsPerChild 0 /IfModule [...] LoadModule php4_module c:/php/sapi/php4apache2.dll LoadFile c:/perl/bin/perl58.dll LoadModule perl_module modules/mod_perl.so [...] AddType application/x-httpd-php .php [...] AddHandler cgi-script .cgi .pl [...] Es gibt einige virtuelle Hosts, auf einem wird SSL genutzt. Experimente mit ThreadsPerChild zusammen mit ThreadLimit haben zu merkwürdig instabilem Verhalten geführt (Der Serer hat nach kürzester Zeit keine Anfragen beantwortet, deshalb habe ich das erst einmal gelassen... Viele Grüße Henk Strobel Meißner schrieb: hi, wie sieht denn die config dazu aus ? bevor wir in die glaskugel blicken muessen ... fragende grüße h1 -Ursprüngliche Nachricht- Von: Henk Strobel / netwood [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 18. Januar 2006 12:06 An: users-de@httpd.apache.org Betreff: Apache Prozesse unter Windows Server 2003 Hallo, ich habe ein Problem mit dem Apache 2.0.50 auf Windows Server 2003: Es kommt immer wieder vor - offenbar zu Stoßzeiten - das der Server nicht auf Anfragen reagiert. Zu diesem Zeitpunkt sind in der Prozeßliste 3 Apache-Prozesse zu sehen. Wenn man versucht, den Apache neu zu starten, bleibt ein Prozess bestehen. Zu anderen Zeitpunkten (wenn der Server normal lief) habe ich bisher immer nur zwei Apache-Prozesse gesehen. Meine Theorie ist, das der Apache es aus irgendwelchen Gründen es nicht schafft, einen neuen Prozess zu starten, wenn ThreadsPerChild erreicht ist, bzw. sich dieser Prozess sofort aufhängt. In den Apache- und Systemlogs ist nichts zu finden. Habe ThreadsPerChild auf 1000 erhöht, das Problem tritt trotzdem auf. Hat jemand eine Idee? Es handelt sich um eine Maschine mit 4 Prozessoren und 4 GB RAM. Viele Grüße Henk Strobel -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an [EMAIL PROTECTED] sonstige Anfragen an [EMAIL PROTECTED] -- -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an [EMAIL PROTECTED] sonstige Anfragen an [EMAIL PROTECTED] -- -- Henk Strobel / webentwicklung netwood new media services GmbH - Georgstr. 56 30159 Hannover fon: +49 (0)511 28061 304 fax: +49 (0)511 28061 310 email: [EMAIL PROTECTED] -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an [EMAIL PROTECTED] sonstige Anfragen an [EMAIL PROTECTED]
Re: Antwort: Re: AW: Apache Prozesse unter Windows Server 2003
Merkwürdig dabei ist, das diese Problem nicht nur zu Stosszeiten auftritt, sondern auch z.T. nachts, wenn praktisch nichts los ist. Dieser Server ist extrem tagaktiv ;-) Mit dem zuerst genannten Problem haben diese Fehler wohl nichts zu tun, da sie zu anderen Zeiten auftreten, deshalb würde ich das Thema Unable to allocate... gerne erstmal zurückstellen. Habe jetzt erstmal EnableMMAP und EnableSendfile deaktiviert, mal sehen, ob das was bringt. Stochern im Nebel... [EMAIL PROTECTED] schrieb: Unable to allocate 90112 bytes Könnte das nicht heißen, daß der Prozessspeicher voll ist? Win 32 hat bekanntlich die 2GB Grenze, wobei in manchen Fällen diese Grenze sogar noch weiter unten ist und hier glaube ich bei so einer großen Anzahl von Threads könnte das 2GB Limit erreicht werden. lg Dietmar Henk Strobel/netwood [EMAIL PROTECTED] am 20.01.2006 11:00:24 Bitte antworten an users-de@httpd.apache.org An: users-de@httpd.apache.org Kopie: Thema: Re: AW: Apache Prozesse unter Windows Server 2003 Guten Morgen, - Wie steht's mit MaxKeepAliveRequests und KeepAliveTimeout? Ersteres scheine ich schon mal hochgesetzt zu haben: # geaendert 20051128, war: 100 MaxKeepAliveRequests 1000 KeepAliveTimeout 15 - Was steht im error.log fuer die Zeiten wo die Probleme auftreten? Nichts, aber sporadisch (zu anderen Zeiten) treten solche Fehler auf: FATAL: erealloc(): Unable to allocate 90112 bytes [Tue Jan 17 22:15:03 2006] [notice] Parent: child process exited with status 1 -- Restarting. Danach läuft offenbar aber alles normal weiter, access-Log ist zu diesen Zeiten unauffällig... - Gibt's Informationen zur warteschlangenaus- lastung? Wie komme ich da ran? Vielen Dank und viele Grüße Henk Strobel Heinrich C. Kuhn schrieb: Betreiben hier Apache auf ziemlich aehnlicher Basis. Ohne Probleme. Bedim Blick auf die http.conf: folgende Fragen/Anregungen: - Wie steht's mit MaxKeepAliveRequests und KeepAliveTimeout? (die habe ich beide hier deutlich hochgesetzt) - Was steht im error.log fuer die Zeiten wo die Probleme auftreten? - Aussergewoenliche Eintraege im access.log fuer diese Zeiten (gosse Uploads, Hacker- Angriffsversuche o.dgl.?) - Gibt's Informationen zur warteschlangenaus- lastung? HTH hck Hallo, hier die Teile der httpd.conf, die ich für relevant halte: [...] IfModule mpm_winnt.c # geaendert auf 1000 20051128, war: 250 # geaendert auf 5000 20060118 ThreadsPerChild 5000 #ThreadLimit 5000 MaxRequestsPerChild 0 /IfModule [...] LoadModule php4_module c:/php/sapi/php4apache2.dll LoadFile c:/perl/bin/perl58.dll LoadModule perl_module modules/mod_perl.so [...] AddType application/x-httpd-php .php [...] AddHandler cgi-script .cgi .pl [...] Es gibt einige virtuelle Hosts, auf einem wird SSL genutzt. Experimente mit ThreadsPerChild zusammen mit ThreadLimit haben zu merkwürdig instabilem Verhalten geführt (Der Serer hat nach kürzester Zeit keine Anfragen beantwortet, deshalb habe ich das erst einmal gelassen... Viele Grüße Henk Strobel Meißner schrieb: hi, wie sieht denn die config dazu aus ? bevor wir in die glaskugel blicken muessen ... fragende grüße h1 -Ursprüngliche Nachricht- Von: Henk Strobel / netwood [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 18. Januar 2006 12:06 An: users-de@httpd.apache.org Betreff: Apache Prozesse unter Windows Server 2003 Hallo, ich habe ein Problem mit dem Apache 2.0.50 auf Windows Server 2003: Es kommt immer wieder vor - offenbar zu Stoßzeiten - das der Server nicht auf Anfragen reagiert. Zu diesem Zeitpunkt sind in der Prozeßliste 3 Apache-Prozesse zu sehen. Wenn man versucht, den Apache neu zu starten, bleibt ein Prozess bestehen. Zu anderen Zeitpunkten (wenn der Server normal lief) habe ich bisher immer nur zwei Apache-Prozesse gesehen. Meine Theorie ist, das der Apache es aus irgendwelchen Gründen es nicht schafft, einen neuen Prozess zu starten, wenn ThreadsPerChild erreicht ist, bzw. sich dieser Prozess sofort aufhängt. In den Apache- und Systemlogs ist nichts zu finden. Habe ThreadsPerChild auf 1000 erhöht, das Problem tritt trotzdem auf. Hat jemand eine Idee? Es handelt sich um eine Maschine mit 4 Prozessoren und 4 GB RAM. Viele Grüße Henk Strobel -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an [EMAIL PROTECTED] sonstige Anfragen an [EMAIL PROTECTED] -- -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an [EMAIL PROTECTED] sonstige Anfragen an [EMAIL PROTECTED] -- -- Henk Strobel / webentwicklung netwood new media services GmbH
Apache 2.2.0 auf Linux mit einem Limit-, LimitExpect-Problem
Nabend, auf einem GNU/Linux (64bit) habe ich mir einen Apache 2.2.0 kompiliert und scheitere nun daran die HTTP-Methoden zu beschränken. In der httpd.conf habe ich folgendes aufgenommen: Directory / Options FollowSymLinks AllowOverride None Order Deny,Allow Denyfrom all LimitExcept GET Order Deny,Allow Denyfrom all /LimitExcept /Directory Bei einem Apache 1.3.x führt ein POST-Request bei dieser Konfiguration zu etwa folgendem Response-Header: HTTP/1.1 403 Forbidden Date: Fri, 20 Jan 2006 20:55:12 GMT Server: Apache Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=iso-8859-1 Leider nicht beim neuen Apache 2.2.0: HTTP/1.1 200 OK Date: Fri, 20 Jan 2006 20:58:23 GMT Server: Apache Vary: Accept-Encoding Content-Length: 1201 Connection: close Content-Type: text/html; charset=iso-8859-1 Per Post übergebene Daten werden auch an Scripte weitergereicht, auch ein OPTIONS-Request zeigt, daß die Konfiguration zum teil keine Wirkung entfaltet: HTTP/1.1 200 OK Date: Fri, 20 Jan 2006 21:03:09 GMT Server: Apache Vary: Accept-Encoding Content-Length: 1425 Connection: close Content-Type: text/html; charset=iso-8859-1 Es wird also kein Allow gesendet, aber Status 200 ist mir jedenafallse nicht OK. Folgende Module sind eingebunden: core_module(static) authn_file_module (static) authn_default_module (static) authz_host_module (static) authz_groupfile_module (static) authz_user_module (static) auth_basic_module (static) auth_digest_module (static) dumpio_module (static) include_module (static) deflate_module (static) log_config_module (static) logio_module (static) expires_module (static) headers_module (static) setenvif_module(static) ssl_module (static) mpm_worker_module (static) http_module(static) mime_module(static) dav_module (static) dav_fs_module (static) negotiation_module (static) dir_module (static) alias_module (static) so_module (static) php5_module(shared) Weiß jemand Rat, oder ist von einem Bug auszugehen? Gruß Aus Berlin! -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an [EMAIL PROTECTED] sonstige Anfragen an [EMAIL PROTECTED] --
AW: Re4: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
hi dom,
seems strange.
Can it be any of the following issues from the bugzilla of apache
url encoding cookie
http://issues.apache.org/bugzilla/show_bug.cgi?id=34844
ProxyPassReverse doesn't change cookie paths
http://issues.apache.org/bugzilla/show_bug.cgi?id=10722
or this on which was changed in mod_proxy_balancer.c around 14.12
http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c?rev=356764r1=332309r2=356764diff_format=h
this i have in my actual running apache.
bye
Oliver
Von: dom [mailto:[EMAIL PROTECTED]
Gesendet: Mi 18.01.2006 17:44
An: users@httpd.apache.org
Betreff: Re4: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
dear oliver,
hmm.. that was i guessd as well at the beginning, so i added the cookie
[%{sessionkey}C] into the apache-log-file, and it looks exactely like it have
to [12345678.A_]! :-(
strange is that when i access the balancing module (the summary where all the
members are shown, etc..) on stickysession is no entry, the route is shown..
when i manually add sessionkey to 'stickysession' it's shown but same
funtionality..
i'm going stupid soon.. ;-)
thanks
dom
Hi dom,
so than it seems that the definitions which you had in your apache
configuration don't match your session cookie
Can you use tamper data
https://addons.mozilla.org/extensions/moreinfo.php?id=966application=firefox
https://addons.mozilla.org/extensions/moreinfo.php?id=966application=firefox
or iehttpheaders to see whar you have in your headers sent by the
server when he sends you the cookie [the line sith set-cookie] .
Upon this set-cookie your Browser should send back every time a
headerline beginning with cookie.
If this is the case than the cookie should look like
12345678.A_ oder 12345678.B_ . Otherwise you have to change your
configuration
If you don't want to run in a timeout or if you have a firewall
inbetween the apache and the backend web server than you can add
keepalive=on behind the route.
bye
Oliver
Von: dom [mailto:[EMAIL PROTECTED]
Gesendet: Mi 18.01.2006 12:27
An: users@httpd.apache.org
Cc: Schaudt, Oliver
Betreff: Re: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
Hi Oliver,
1. no, i don't.. thats the strange thing.. just see in the accesslog:
[debug] mod_proxy_balancer.c(41): proxy: BALANCER: canonicalising URL
//produrl/site
[debug] mod_proxy_balancer.c(803): proxy: Entering byrequests for BALANCER
(balancer://prod)
[debug] mod_proxy_balancer.c(396): proxy: BALANCER (balancer://prod) worker
(http://192.168.1.1:8001 http://192.168.1.1:8001/
http://192.168.1.1:8001/ ) rewritten to
http://192.168.1.1:8001/site
[debug] mod_proxy.c(736): Running scheme balancer handler (attempt 0)
2. don't really understand your question. my 'backendservers' produce
a cookie
with teh attribute 'sessionkey' and use this for the own
sessiondeclaration, so
i thought to use that one. i (the webserver) just added .A_ at the
end of the
sessionkey for identify the 'route' to apache, but i guess thats not the only
thing i need to do? i can produce every cookie-attribute you like, thats not
the problem.. whats jvmroute? i'm not using tomcat, we use a self written
webserver..
i thought it should be easy: a have allready a sessionkey, so thats
nice. then
the backendwebserver now which server he is, so he set another attribute, and
add this to the sessionkey (sessionkey.route) and this route is
definied on the
BalanceMember.. but i guess i missunderstand the topc.. :-(
bye
dom
Quoting [EMAIL PROTECTED]:
Hi dom,
1. Do you see some lines like proxy: BALANCER: Found value
12721798.A_ for stickysession sessionkey in the error_log ?
2.Do you have set your session-identifier nameinside your servers
behind Apache to sessionkey and the route alias jvmroute to your
A_ and B_ ? If not than it won't work.
Bye
Oliver
Von: dom [mailto:[EMAIL PROTECTED]
Gesendet: Di 17.01.2006 16:23
An: users@httpd.apache.org
Betreff: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
hi,
i'm using apache 2.2 because of the balancing module, but i can't
figure out why
the 'stickyness' doesn't work.
-snip-
LogLevel debug
ProxyPass / balancer://prod/ stickysession=sessionkey nofailover=On
Proxy balancer://prod
BalancerMember http://192.168.1.1:8001 http://192.168.1.1:8001/
http://192.168.1.1:8001/
http://192.168.1.1:8001/ route=A_
BalancerMember http://192.168.1.2:8001 http://192.168.1.2:8001/
http://192.168.1.2:8001/
http://192.168.1.2:8001/ route=B_
/VirtualHost
-snip-
the sessionkey-coockie is set to something like 12721798.A_
after a few clicks (depends from 2 to 15) i get connectet to the
second Member,
but don't see why! any ideas?
when i have a look at the logfile, i never see some information about the
coockie or so.. :-(
thanks in advance
dom
Re: [EMAIL PROTECTED] Solaris SIGBUS and core on changes to mmap'd files
On Thu, Jan 19, 2006 at 06:08:21PM -, Matt Willsher wrote: I have a set up where by Apache serves static content from an NFS share. This works ok most of the time but we have been getting occasional BUS signals, resulting in core dump, when reading files. This apparently occurs because the requested file changes between it being mmap'd and the memcpy. This is a known issue with 1.3. Upgrade to 2.0, and the server will usually use sendfile(), which avoids the problem, and the EnableMMAP and EnableSendfile directives are available to control it precisely. In general if files on your site are modified in-place you will sometimes be serving corrupt content, so this situation is generally better avoided in the first place. Regards, joe - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] php_admin_flag question
On Wed, Jan 18, 2006 at 08:13:00PM -0600, Graham Frank wrote: I am trying to restrict a open_basedir to the document root of the domain. So I have the following in httpd.conf. Location / php_admin_value open_basedir / /Location open_basedir takes a filesystem path, that directive has no effect at all. open_basedir itself is not a reliable security barrier in any case, see http://www.php.net/security-note.php. joe - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] php_admin_flag question
Heh, what's funny is that the PHP docs actually suggest that (but using Directory). Anyway, I've come up with another solution, so this is resolved. -Graham Frank - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Follow symbolic links: report symbolic link names vs. real names
I would like to configure Apache 2.0.52 on Linux to follow symbolic links to directories. The directory names I am using are defined as symbolic links on the file system. The FollowSymLinks parameter is configured in httpd.conf. According to /var/log/httpd/error_log the symbolic links are followed correctly, but the log file shows the real directory names not the symbolic ones (which is why my CGI script fails to run). How do I configure Apache to follow symbolic links to directories without internally using/reporting the file system's real directory names? Thanks, David - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] AddOutputFilterByType MIME wildcards?
Hi, The documentation contains the sample AddOutputFilterByType DEFLATE text/html text/plain But is it also possible to use text/*?
Re: [EMAIL PROTECTED] Virtual directories
On 1/20/06, Muhammad Rizwan [EMAIL PROTECTED] wrote: Hello Is it possible to add more then one Alias entry in one Virtual host, e.g. Alias /AliasDirectory /to/my/path/in/DD Alias /AliasDir /to/my/path/in/EE Yes. You need to list the most specific entry first. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Follow symbolic links: report symbolic link names vs. real names
On 1/20/06, David Knecht [EMAIL PROTECTED] wrote: I would like to configure Apache 2.0.52 on Linux to follow symbolic links to directories. The directory names I am using are defined as symbolic links on the file system. The FollowSymLinks parameter is configured in httpd.conf. According to /var/log/httpd/error_log the symbolic links are followed correctly, but the log file shows the real directory names not the symbolic ones (which is why my CGI script fails to run). Please be more specific about exactly what your CGI scripts expect and exactly what they get. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] AddOutputFilterByType MIME wildcards?
I never managed to make AddOutputFilterByType work properly for DEFLATE. There is a Bugzilla report that basically says that it does not work and is beyond salvation. You should try using mod_filter; that's what I ended up doing. Although mod_filter is an Apache 2.2 module, it is perfectly compatible with Apache 2.0 - just takes a few tricks to compile it. I seem to remember that Nick Kew describes how to compile it for Apache 2.0 on his site. -ascs -Original Message- From: Olaf van der Spek [mailto:[EMAIL PROTECTED] Sent: Friday, January 20, 2006 3:09 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] AddOutputFilterByType MIME wildcards? Hi, The documentation contains the sample AddOutputFilterByType DEFLATEtext/html text/plainBut is it also possible to use text/*? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re6: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
hi all,
thanks, but have allready the newest one.. all patches allready included.. :-(
it looks like he never checks the cookie for route! (there should be a few
entrys into the log) no idear anymore..
[debug] mod_proxy_balancer.c(41): proxy: BALANCER: canonicalising URL
//test/site
[debug] mod_proxy_balancer.c(438): proxy: BALANCER (balancer://prod) worker
(http://192.168.1.1:80) rewritten to ...
nice weekend
dom
Quoting [EMAIL PROTECTED]:
hi dom,
seems strange.
Can it be any of the following issues from the bugzilla of apache
url encoding cookie
http://issues.apache.org/bugzilla/show_bug.cgi?id=34844
ProxyPassReverse doesn't change cookie paths
http://issues.apache.org/bugzilla/show_bug.cgi?id=10722
or this on which was changed in mod_proxy_balancer.c around 14.12
http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c?rev=356764r1=332309r2=356764diff_format=h
this i have in my actual running apache.
bye
Oliver
Von: dom [mailto:[EMAIL PROTECTED]
Gesendet: Mi 18.01.2006 17:44
An: users@httpd.apache.org
Betreff: Re4: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
dear oliver,
hmm.. that was i guessd as well at the beginning, so i added the cookie
[%{sessionkey}C] into the apache-log-file, and it looks exactely like it have
to [12345678.A_]! :-(
strange is that when i access the balancing module (the summary where all the
members are shown, etc..) on stickysession is no entry, the route is shown..
when i manually add sessionkey to 'stickysession' it's shown but same
funtionality..
i'm going stupid soon.. ;-)
thanks
dom
Hi dom,
so than it seems that the definitions which you had in your apache
configuration don't match your session cookie
Can you use tamper data
https://addons.mozilla.org/extensions/moreinfo.php?id=966application=firefox
https://addons.mozilla.org/extensions/moreinfo.php?id=966application=firefox
or iehttpheaders to see whar you have in your headers sent by the
server when he sends you the cookie [the line sith set-cookie] .
Upon this set-cookie your Browser should send back every time a
headerline beginning with cookie.
If this is the case than the cookie should look like
12345678.A_ oder 12345678.B_ . Otherwise you have to change your
configuration
If you don't want to run in a timeout or if you have a firewall
inbetween the apache and the backend web server than you can add
keepalive=on behind the route.
bye
Oliver
Von: dom [mailto:[EMAIL PROTECTED]
Gesendet: Mi 18.01.2006 12:27
An: users@httpd.apache.org
Cc: Schaudt, Oliver
Betreff: Re: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
Hi Oliver,
1. no, i don't.. thats the strange thing.. just see in the accesslog:
[debug] mod_proxy_balancer.c(41): proxy: BALANCER: canonicalising URL
//produrl/site
[debug] mod_proxy_balancer.c(803): proxy: Entering byrequests for BALANCER
(balancer://prod)
[debug] mod_proxy_balancer.c(396): proxy: BALANCER (balancer://prod) worker
(http://192.168.1.1:8001 http://192.168.1.1:8001/
http://192.168.1.1:8001/ ) rewritten to
http://192.168.1.1:8001/site
[debug] mod_proxy.c(736): Running scheme balancer handler (attempt 0)
2. don't really understand your question. my 'backendservers' produce
a cookie
with teh attribute 'sessionkey' and use this for the own
sessiondeclaration, so
i thought to use that one. i (the webserver) just added .A_ at the
end of the
sessionkey for identify the 'route' to apache, but i guess thats not
the only
thing i need to do? i can produce every cookie-attribute you like, thats not
the problem.. whats jvmroute? i'm not using tomcat, we use a self written
webserver..
i thought it should be easy: a have allready a sessionkey, so thats
nice. then
the backendwebserver now which server he is, so he set another
attribute, and
add this to the sessionkey (sessionkey.route) and this route is
definied on the
BalanceMember.. but i guess i missunderstand the topc.. :-(
bye
dom
Quoting [EMAIL PROTECTED]:
Hi dom,
1. Do you see some lines like proxy: BALANCER: Found value
12721798.A_ for stickysession sessionkey in the error_log ?
2.Do you have set your session-identifier nameinside your servers
behind Apache to sessionkey and the route alias jvmroute to your
A_ and B_ ? If not than it won't work.
Bye
Oliver
Von: dom [mailto:[EMAIL PROTECTED]
Gesendet: Di 17.01.2006 16:23
An: users@httpd.apache.org
Betreff: [EMAIL PROTECTED] stickysession at mod_proxy_balancer
hi,
i'm using apache 2.2 because of the balancing module, but i can't
figure out why
the 'stickyness' doesn't work.
-snip-
LogLevel debug
ProxyPass / balancer://prod/ stickysession=sessionkey nofailover=On
Proxy balancer://prod
BalancerMember http://192.168.1.1:8001 http://192.168.1.1:8001/
http://192.168.1.1:8001/
http://192.168.1.1:8001/ route=A_
BalancerMember http://192.168.1.2:8001 http://192.168.1.2:8001/
RE: [EMAIL PROTECTED] ldaps authentication
No luck on this thread. Let me ask a different question: Is anyone using ldaps authentication - or ldap for that matter? Anyone using ldaps to AD? Thanks, Grant --- -Original Message- From: Sturgis, Grant Sent: Wednesday, January 18, 2006 2:12 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] ldaps authentication Greetings List, I have seen this question posted several times, but have not seen a resolution. If it is in the archives, I apologize for not seeing it there. I have ldap authentication working using mod_auth_ldap, but I want to enable ldaps to avoid transmitting passwords in clear text. This is the configuration so far: Directory /home/httpd/ldap_test AuthType basic AuthName ldap test AuthLDAPUrl ldap://dc1.domain.com/dc=domain,dc=com?sAMAccountName?sub?(obj ectClass=u ser) AuthLDAPBindDN cn=nobody,ou=Users-IT,dc=domain,dc=com AuthLDAPBindPassword password AuthLDAPGroupAttribute member require group cn=ldap_test_group,ou=Users-IT,dc=domain,dc=com /Directory however, to enable ldaps, I add these lines (outside the Directory, of course): LDAPTrustedCA /etc/httpd/conf/cacerts/dc1.cer LDAPTrustedCAType BASE64_FILE and then change ldap to ldaps in the AuthLDAPUrl line and it stops working. I have used this cert successfully in pam_ldap and ldapsearch. Any suggestions for what I could be doing wrong? The details: RHEL ES 4 httpd-2.0.52-22.ent Thanks for any suggestions, Grant - Pardon this rubbish: This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] problem with mod_auth and mod_auth_pam working together
I'm running Apache 1.3.34 along with mod_auth and mod_auth_pam. I am trying to make a link available to anyone in /etc/passwd or VIA mod_auth basic authentication. The .htaccess is as follows: AuthType Basic AuthUserFile /cs/home/jas/passwords AuthPAM_Enabled on AuthPAM_FallThrough on AuthAuthoritative Off Require valid-user Everything works except when the username that is entered does not exist in /etc/passwd AND does not exist in the basic password file. When this happens, the web server records: configuration error: couldn't check user. No user file?: /~jas/mylink ... but there is definately a user file there since valid username and password combos work. I don't think the problem is mod_auth_pam .. it seems to be falling through correctly. It is as if when mod_auth fails, it sends the request off into the bit bucket instead of realizing that it is at the end of the chain. How can I tell Apache with AuthAuthoritative turned off to stop after mod_auth fails? How can I determine if there is some other authentication it is secretly trying? Thanks for any help you can provide.. Jason. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] ldaps authentication
What do logs show ? Also, do you know if you are establishing a connection ? And, also, any permissions issue with the server reading the certificate ? Sturgis, Grant wrote: No luck on this thread. Let me ask a different question: Is anyone using ldaps authentication - or ldap for that matter? Anyone using ldaps to AD? Thanks, Grant --- -Original Message- From: Sturgis, Grant Sent: Wednesday, January 18, 2006 2:12 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] ldaps authentication Greetings List, I have seen this question posted several times, but have not seen a resolution. If it is in the archives, I apologize for not seeing it there. I have ldap authentication working using mod_auth_ldap, but I want to enable ldaps to avoid transmitting passwords in clear text. This is the configuration so far: Directory /home/httpd/ldap_test AuthType basic AuthName ldap test AuthLDAPUrl ldap://dc1.domain.com/dc=domain,dc=com?sAMAccountName?sub?(obj ectClass=u ser) AuthLDAPBindDN cn=nobody,ou=Users-IT,dc=domain,dc=com AuthLDAPBindPassword password AuthLDAPGroupAttribute member require group cn=ldap_test_group,ou=Users-IT,dc=domain,dc=com /Directory however, to enable ldaps, I add these lines (outside the Directory, of course): LDAPTrustedCA /etc/httpd/conf/cacerts/dc1.cer LDAPTrustedCAType BASE64_FILE and then change ldap to ldaps in the AuthLDAPUrl line and it stops working. I have used this cert successfully in pam_ldap and ldapsearch. Any suggestions for what I could be doing wrong? The details: RHEL ES 4 httpd-2.0.52-22.ent Thanks for any suggestions, Grant - Pardon this rubbish: This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- °(((=((===°°°(((=== begin:vcard fn:Ricardo Stella n:Stella;Ricardo org:Rider University adr;dom:;;2083 Lawrenceville Rd;Lawrenceville;NJ;08648 version:2.1 end:vcard - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] ldaps authentication
From: Ricardo Stella [mailto:[EMAIL PROTECTED] What do logs show ? The error_log shows this: [Fri Jan 20 10:08:47 2006] [warn] [client 10.10.233.101] [2056] auth_ldap authenticate: user jgood authentication failed; URI /servers/smtp0/smtp0.htm [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server], referer: http://mrtg/mail_servers.htm Also, do you know if you are establishing a connection ? Yes, it appears that apache is trying to set up an ldaps session, but failing. Perhaps something analogous to the 'tls_checkpeer no' in ldap.conf? And, also, any permissions issue with the server reading the certificate ? The cert file is owned by apache with a mode of 400. All of the parent directories are 755. Sturgis, Grant wrote: No luck on this thread. Let me ask a different question: Is anyone using ldaps authentication - or ldap for that matter? Anyone using ldaps to AD? Thanks, Grant --- -Original Message- From: Sturgis, Grant Sent: Wednesday, January 18, 2006 2:12 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] ldaps authentication Greetings List, I have seen this question posted several times, but have not seen a resolution. If it is in the archives, I apologize for not seeing it there. I have ldap authentication working using mod_auth_ldap, but I want to enable ldaps to avoid transmitting passwords in clear text. This is the configuration so far: Directory /home/httpd/ldap_test AuthType basic AuthName ldap test AuthLDAPUrl ldap://dc1.domain.com/dc=domain,dc=com?sAMAccountName?sub?(obj ectClass=u ser) AuthLDAPBindDN cn=nobody,ou=Users-IT,dc=domain,dc=com AuthLDAPBindPassword password AuthLDAPGroupAttribute member require group cn=ldap_test_group,ou=Users-IT,dc=domain,dc=com /Directory however, to enable ldaps, I add these lines (outside the Directory, of course): LDAPTrustedCA /etc/httpd/conf/cacerts/dc1.cer LDAPTrustedCAType BASE64_FILE and then change ldap to ldaps in the AuthLDAPUrl line and it stops working. I have used this cert successfully in pam_ldap and ldapsearch. Any suggestions for what I could be doing wrong? The details: RHEL ES 4 httpd-2.0.52-22.ent Thanks for any suggestions, Grant - Pardon this rubbish: This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] ldaps authentication
The default for ldap over ssl is on port 636. Is your ldap supporting this or actually doing TLS on the standard port ? Sturgis, Grant wrote: From: Ricardo Stella [mailto:[EMAIL PROTECTED] What do logs show ? The error_log shows this: [Fri Jan 20 10:08:47 2006] [warn] [client 10.10.233.101] [2056] auth_ldap authenticate: user jgood authentication failed; URI /servers/smtp0/smtp0.htm [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server], referer: http://mrtg/mail_servers.htm Also, do you know if you are establishing a connection ? Yes, it appears that apache is trying to set up an ldaps session, but failing. Perhaps something analogous to the 'tls_checkpeer no' in ldap.conf? And, also, any permissions issue with the server reading the certificate ? The cert file is owned by apache with a mode of 400. All of the parent directories are 755. Sturgis, Grant wrote: No luck on this thread. Let me ask a different question: Is anyone using ldaps authentication - or ldap for that matter? Anyone using ldaps to AD? Thanks, Grant --- -Original Message- From: Sturgis, Grant Sent: Wednesday, January 18, 2006 2:12 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] ldaps authentication Greetings List, I have seen this question posted several times, but have not seen a resolution. If it is in the archives, I apologize for not seeing it there. I have ldap authentication working using mod_auth_ldap, but I want to enable ldaps to avoid transmitting passwords in clear text. This is the configuration so far: Directory /home/httpd/ldap_test AuthType basic AuthName ldap test AuthLDAPUrl ldap://dc1.domain.com/dc=domain,dc=com?sAMAccountName?sub?(obj ectClass=u ser) AuthLDAPBindDN cn=nobody,ou=Users-IT,dc=domain,dc=com AuthLDAPBindPassword password AuthLDAPGroupAttribute member require group cn=ldap_test_group,ou=Users-IT,dc=domain,dc=com /Directory however, to enable ldaps, I add these lines (outside the Directory, of course): LDAPTrustedCA /etc/httpd/conf/cacerts/dc1.cer LDAPTrustedCAType BASE64_FILE and then change ldap to ldaps in the AuthLDAPUrl line and it stops working. I have used this cert successfully in pam_ldap and ldapsearch. Any suggestions for what I could be doing wrong? The details: RHEL ES 4 httpd-2.0.52-22.ent Thanks for any suggestions, Grant - Pardon this rubbish: This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- °(((=((===°°°(((=== begin:vcard fn:Ricardo Stella n:Stella;Ricardo org:Rider University adr;dom:;;2083 Lawrenceville Rd;Lawrenceville;NJ;08648 version:2.1 end:vcard - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] environment-only rewrite rule
On 1/20/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
I'm struggling to create a mod_rewrite rule which *doesn't* modify the
request - only changes an environment variable
I tried -
RewriteRule . %{REQUEST_FILENAME} [L,E=KRB5CCNAME:%{ENV:REDIRECT_KRB5CCNAME}]
- but still it has some weird side effects
Use
RewriteRule .* - [whatever-options]
The dash as the second argument indicates no rewriting.
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] problem with mod_auth and mod_auth_pam working together
On 1/20/06, Jason Keltz [EMAIL PROTECTED] wrote: How can I tell Apache with AuthAuthoritative turned off to stop after mod_auth fails? How can I determine if there is some other authentication it is secretly trying? You always need one authoritative auth module. If mod_auth is last in the auth chain, then AuthAuthoritative should be on. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] ldaps authentication
-Original Message- From: Ricardo Stella [mailto:[EMAIL PROTECTED] The default for ldap over ssl is on port 636. Is your ldap supporting this or actually doing TLS on the standard port ? yes, our ldap server does ldaps over 636. In httpd.conf, I have tried just changing the uri from ldap to ldaps as well as appending the port (:636) to the server. Which approach would you recommend? Sturgis, Grant wrote: From: Ricardo Stella [mailto:[EMAIL PROTECTED] What do logs show ? The error_log shows this: [Fri Jan 20 10:08:47 2006] [warn] [client 10.10.233.101] [2056] auth_ldap authenticate: user jgood authentication failed; URI /servers/smtp0/smtp0.htm [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server], referer: http://mrtg/mail_servers.htm Also, do you know if you are establishing a connection ? Yes, it appears that apache is trying to set up an ldaps session, but failing. Perhaps something analogous to the 'tls_checkpeer no' in ldap.conf? And, also, any permissions issue with the server reading the certificate ? The cert file is owned by apache with a mode of 400. All of the parent directories are 755. Sturgis, Grant wrote: No luck on this thread. Let me ask a different question: Is anyone using ldaps authentication - or ldap for that matter? Anyone using ldaps to AD? Thanks, Grant --- -Original Message- From: Sturgis, Grant Sent: Wednesday, January 18, 2006 2:12 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] ldaps authentication Greetings List, I have seen this question posted several times, but have not seen a resolution. If it is in the archives, I apologize for not seeing it there. I have ldap authentication working using mod_auth_ldap, but I want to enable ldaps to avoid transmitting passwords in clear text. This is the configuration so far: Directory /home/httpd/ldap_test AuthType basic AuthName ldap test AuthLDAPUrl ldap://dc1.domain.com/dc=domain,dc=com?sAMAccountName?sub?(obj ectClass=u ser) AuthLDAPBindDN cn=nobody,ou=Users-IT,dc=domain,dc=com AuthLDAPBindPassword password AuthLDAPGroupAttribute member require group cn=ldap_test_group,ou=Users-IT,dc=domain,dc=com /Directory however, to enable ldaps, I add these lines (outside the Directory, of course): LDAPTrustedCA /etc/httpd/conf/cacerts/dc1.cer LDAPTrustedCAType BASE64_FILE and then change ldap to ldaps in the AuthLDAPUrl line and it stops working. I have used this cert successfully in pam_ldap and ldapsearch. Any suggestions for what I could be doing wrong? The details: RHEL ES 4 httpd-2.0.52-22.ent Thanks for any suggestions, Grant - Pardon this rubbish: This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- °(((=((===°°°(((=== This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Auto Vhost question
Based on the vhost questions, I have a small dilemma. Overall the site works as desired but some of the vhost's (using true vhost configurations) have both www.domain.tld and domain.tld. So to make it work with mod_vhost_alias I need to create two directories. But only one directory has data (www.domain.tld). Is there a way to setup a 404 command within the config in conjunction with mod rewrite to forward them to www.domain.tld/whatever iif domain.tld/whatever doesn't exist? -Original Message- From: Gary W. Smith [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 17, 2006 7:47 AM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] Auto Vhost question Joshua, After some creative playing around with this it seems that it will work in most cases. There are a couple rare cases where I will need to manually create vhost entries but this should work great. Before asking the question I took the time to look at additional modules over at modules.apache.org but looking at the core documentation just slipped my mind... Anyways, thanks. Gary Wayne Smith -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joshua Slive Sent: Sunday, January 15, 2006 9:57 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Auto Vhost question On 1/15/06, Gary W. Smith [EMAIL PROTECTED] wrote: Is this following possible and if so how could it be accomplished? We have a number of users on a web server that access the system via users.domain.com/theirloginid (note that this isn't ~theirloginid). Is it possible to configure a vhost in such a way that they are theirloginid.users.domain.com without having to modify the apache configuration or restart apache each time a user is added? We have 350 users and would like to be able to add them on the fly. From a DNS perspective it's simple. That site is using DNS with a mysql backend. It would be nice if we could pull the vhost information directly from mysql as well. Read the docs on mod_vhost_alias. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Auto Vhost question
On 1/20/06, Gary W. Smith [EMAIL PROTECTED] wrote: Based on the vhost questions, I have a small dilemma. Overall the site works as desired but some of the vhost's (using true vhost configurations) have both www.domain.tld and domain.tld. So to make it work with mod_vhost_alias I need to create two directories. But only one directory has data (www.domain.tld). Is there a way to setup a 404 command within the config in conjunction with mod rewrite to forward them to www.domain.tld/whatever iif domain.tld/whatever doesn't exist? With mod_vhost_alias, the filesystem is your vhost database. So make use of filesystem tools to create your alias: a symbolic link. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] AddOutputFilterByType MIME wildcards?
On 1/20/06, Axel-Stéphane SMORGRAV [EMAIL PROTECTED] wrote: I never managed to make AddOutputFilterByType work properly for DEFLATE. There is a Bugzilla report that basically says that it does not work and is beyond salvation. What's the URL of the report? I've set it up on my server and it appears to work fine. You should try using mod_filter; that's what I ended up doing. Although mod_filter is an Apache 2.2 module, it is perfectly compatible with Apache 2.0 - just takes a few tricks to compile it. I seem to remember that Nick Kew describes how to compile it for Apache 2.0 on his site. -ascs -Original Message- From: Olaf van der Spek [mailto:[EMAIL PROTECTED] Sent: Friday, January 20, 2006 3:09 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] AddOutputFilterByType MIME wildcards? Hi, The documentation contains the sample AddOutputFilterByType DEFLATEtext/html text/plainBut is it also possible to use text/*? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Custom index page?
How can i customize the default apache page (when you allow directory browsing). I know i could use php and whatnot, but I would like to config apache to do it.Thanks.
Re: [EMAIL PROTECTED] Custom index page?
On 1/20/06, dthom [EMAIL PROTECTED] wrote: How can i customize the default apache page (when you allow directory browsing). I know i could use php and whatnot, but I would like to config apache to do it. Start here: http://httpd.apache.org/docs/2.2/mod/mod_autoindex.html Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Statically Linked Apache
What configure switch do I use to compile/link apache statically? So that if I do a file httpd I get something like this: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, statically linked, stripped Instead of what I an getting right now: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs), not stripped -- Lyndon Tiu - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_auth_ldap TLS Authoriztion
Hi all, I am trying to use LDAP authentication using mod_auth_ldap module(ver 3.33) in apache 2.0.55. I have a .htaccess file like below, AuthType Basic AuthName "Password Required" AuthLDAPURL ldap://host.domain.net/dc=domain,dc=net?cn AuthLDAPStartTLS on require valid-user When I am accessing the page I am getting the below mentioned error in the /var/log/apache2/error.log [Sat Jan 21 13:07:41 2006] [debug] mod_auth_ldap.c(884): LDAP: auth_ldap not using SSL connections [Sat Jan 21 13:07:41 2006] [alert] [client 192.168.0.2] /var/www/localhost/htdocs/test/.htaccess: Invalid command 'AuthLDAPStartTLS', perhaps mis-spelled or defined by a module not included in the server configuration If I remove the "AuthLDAPStartTLS on" directive from the .htaccess, I am getting authenticated against LDAP server. I want to use TLS authorization. Can somebody help me?. Thanks Regards, Muthu.
