[us...@httpd] apache 2.2 and ldap group authentication

[Jeff Shearer]

I have been trying to implement group-based authentication using LDAP. 
But have yet to find the secret.  I have been able to implement 
individual authentication using the “require ldap-user [username]” 
directive successfully.


Some background information:  I am using FreeBSD 7.2, Apache 2.2, and 
OpenLDAP 2.4.  Initially I set up 3 directories for my research and 
verified that I reached the targeted documents successfully before 
beginning to implement authentication.  Then I implemented the ldap-user 
authentication successfully on one directory.


Back to my challenge with group authentication:  Here is the output of 
the LDAP search “ldapsearch -x -W -D 
'cn=Manager,dc=my,dc=mydomain,dc=com' -v -b 
'ou=groups,dc=my,dc=mydomain,dc=com'


# extended LDIF
#
# LDAPv3
# base ou=groups,dc=my,dc=mydomain,dc=com with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# groups, my.mydomain.com
dn: ou=groups,dc=my,dc=mydomain,dc=com
ou: groups
description: my.mydomain groups
objectClass: organizationalUnit

# SuperTeam, groups, my.mydomain.com
dn: cn=SuperTeam,ou=groups,dc=my,dc=mydomain,dc=com
ou: groups
description: People who are employees of Super Team
uniqueMember: uid=jeffshearer,dc=my,dc=mydomain,dc=com
uniqueMember: uid=maeshearer,dc=my,dc=mydomain,dc=com
objectClass: groupOfUniqueNames
cn: SuperTeam

# SuperGroup, groups, my.mydomain.com
dn: cn=SuperGroup,ou=groups,dc=my,dc=mydomain,dc=com
ou: groups
description: People who are employees of Super Group
uniqueMember: uid=jacksonshearer,dc=my,dc=mydomain,dc=com
uniqueMember: uid=larryfordham,dc=my,dc=mydomain,dc=com
uniqueMember: uid=spamimoron,dc=my,dc=mydomain,dc=com
objectClass: groupOfUniqueNames
cn: SuperGroup

# search result
search: 2
result: 0 Success

# numResponses: 4
# numEntries: 3


I have tried a number of configurations for group authenticaiton, all 
without success.  Following is the current iteration of my apache 
configuration for the superteam.docs directory:


Directory /files/superteam.docs
  AuthType basic
  AuthName Super Team Members Only
  AuthBasicProvider ldap
  AuthzLDAPAuthoritative on
  AuthLDAPBindDN cn=Manager,dc=my,dc=mydomain,dc=com
  AuthLDAPBindPassword secret
  AuthLDAPGroupAttribute uniqueMember
  AuthLDAPGroupAttributeIsDN off
  AuthLDAPURL 
ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?cn=SuperTeam?;

  Require ldap-group cn=SuperTeam,ou=groups
  AllowOverride None
  Order allow,deny
  Allow from all
  Options +Includes
  XbitHack on
  /Directory

Not that I have an alias for /superteam to /files/superteam.docs

Thanks

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Userid and reverse proxy

[Efjestad, Dag]

Hi

I want to do something like this:

Location /kongsberg
AuthType basic
AuthName Requierd users
AuthUserFile conf/basicauth.sec
Require user user1 user2 user3
/Location
ProxyRequestsOff   
ProxyPass/kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%
ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%


The variabel %AuthenticatedUserId% should contain user1, user2 or user3. 

Anyone know a way of solving this problem?

Best Regards
Dag Efjestad, Norway

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Userid and reverse proxy

[Jeff Shearer]

Try using a group rather than a list of users.  See 
http://httpd.apache.org/docs/2.2/howto/auth.html#lettingmorethanonepersonin

for a discussion.

Efjestad, Dag wrote:

Hi

I want to do something like this:

Location /kongsberg
AuthType basic
AuthName Requierd users
AuthUserFile conf/basicauth.sec
Require user user1 user2 user3
/Location
ProxyRequestsOff   
ProxyPass/kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%

ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%


The variabel %AuthenticatedUserId% should contain user1, user2 or user3. 


Anyone know a way of solving this problem?

Best Regards
Dag Efjestad, Norway

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] PHP ping and exec() hangs apache

[Kamil Walas]

Hi,

I stuck with strange error. I have following code:
?
   echo 'BEFORE';
   echo exec(ping -c1 -w1 1.1.25.38);
   echo 'AFTER';
?

Address doesn't exist. When execute script from command line everything 
works fine. But when I go to the file by Firefox it hangs out and apache 
need to be restart. This is a Virtual Server with PHP Version 
5.2.6-pl222-gentoo. When address exists it works fine. Only problem is 
when it doesn't respond and apache hangs.


I copy file to apache at my local apache and everything works fine. My 
apache is with Version 5.3.0alpha3-dev at windows XP.


At old server with php4 everything works fine.

I suspect that something wrong is with apache configuration but I don't 
know it for sure and couldn't find it.


Thank you,
Kamil Walas

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Userid and reverse proxy

[Nguyen Tien Duong]

Dear

Sorry but i think that the post is not relevant to the original thread. You
may want to create a new thread for this matter.

Thank you.

Regards,





Jeff Shearer wrote:
 
 Try using a group rather than a list of users.  See 
 http://httpd.apache.org/docs/2.2/howto/auth.html#lettingmorethanonepersonin
 for a discussion.
 
 Efjestad, Dag wrote:
 Hi
 
 I want to do something like this:
 
 Location /kongsberg
  AuthType basic
  AuthName Requierd users
  AuthUserFile conf/basicauth.sec
  Require user user1 user2 user3
 /Location
 ProxyRequestsOff   
 ProxyPass/kongsberg/
 http://aeoas02/kongsberg/%AuthenticatedUserId%
 ProxyPassReverse /kongsberg/
 http://aeoas02/kongsberg/%AuthenticatedUserId%
 
 
 The variabel %AuthenticatedUserId% should contain user1, user2 or user3. 
 
 Anyone know a way of solving this problem?
 
 Best Regards
 Dag Efjestad, Norway
 
 -
 The official User-To-User support forum of the Apache HTTP Server
 Project.
 See URL:http://httpd.apache.org/userslist.html for more info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org
 
 
 
 -
 The official User-To-User support forum of the Apache HTTP Server Project.
 See URL:http://httpd.apache.org/userslist.html for more info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Unable-to-run-.-configure-when-install-apache-http-server.Error%3A-decision-on-anonymous-shared-memory-allocation-method-failed-tp23702056p23739049.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] apache 2.2 and ldap group authentication

[Peter Schober]

* Jeff Shearer j...@shearer-family.org [2009-05-27 08:43]:
 dn: cn=SuperTeam,ou=groups,dc=my,dc=mydomain,dc=com
 ou: groups
 description: People who are employees of Super Team
 uniqueMember: uid=jeffshearer,dc=my,dc=mydomain,dc=com
 uniqueMember: uid=maeshearer,dc=my,dc=mydomain,dc=com
 objectClass: groupOfUniqueNames
 cn: SuperTeam
[...]
 I have tried a number of configurations for group authenticaiton, all 
 without success.  Following is the current iteration of my apache 
 configuration for the superteam.docs directory:
 
 Directory /files/superteam.docs
AuthType basic
AuthName Super Team Members Only
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPBindDN cn=Manager,dc=my,dc=mydomain,dc=com
AuthLDAPBindPassword secret
AuthLDAPGroupAttribute uniqueMember
AuthLDAPGroupAttributeIsDN off
AuthLDAPURL 
 ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?cn=SuperTeam?;
Require ldap-group cn=SuperTeam,ou=groups
AllowOverride None
Order allow,deny
Allow from all
Options +Includes
XbitHack on
/Directory

First, AuthLDAPGroupAttributeIsDN should be on, since obviously your
(unique)member values *are* DNs.
(Btw, unless you require the addtional distinguishing values
uniqueMember allows for -- and from your example you certainly don't
--  you can just as well use the 'member' attribute. Both 'member' and
'uniquemember' need their values to be unique.)

Second, your Require ldap-group is somehow truncated, it should be
the full DN of that group (is there some documentation that implies
you can just leave away the baseDN or something?)

cheers,
-peter

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Userid and reverse proxy

[Efjestad, Dag]

Jeff, 

I think you have misunderstood the problem. The problem is that I different web 
pages for different users.

/dag

-Opprinnelig melding-
Fra: Jeff Shearer [mailto:j...@shearer-family.org] 
Sendt: 27. mai 2009 09:07
Til: users@httpd.apache.org
Emne: Re: [us...@httpd] Userid and reverse proxy

Try using a group rather than a list of users.  See 
http://httpd.apache.org/docs/2.2/howto/auth.html#lettingmorethanonepersonin
for a discussion.

Efjestad, Dag wrote:
 Hi
 
 I want to do something like this:
 
 Location /kongsberg
   AuthType basic
   AuthName Requierd users
   AuthUserFile conf/basicauth.sec
   Require user user1 user2 user3
 /Location
 ProxyRequestsOff   
 ProxyPass/kongsberg/ 
 http://aeoas02/kongsberg/%AuthenticatedUserId%
 ProxyPassReverse /kongsberg/ 
 http://aeoas02/kongsberg/%AuthenticatedUserId%
 
 
 The variabel %AuthenticatedUserId% should contain user1, user2 or user3. 
 
 Anyone know a way of solving this problem?
 
 Best Regards
 Dag Efjestad, Norway
 
 -
 The official User-To-User support forum of the Apache HTTP Server Project.
 See URL:http://httpd.apache.org/userslist.html for more info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org
 
 

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Unable to start Apache - Fail to Install libapreq2

[Nick Kew]

On Tue, 26 May 2009 20:56:29 -0700 (PDT)
ragwho rag...@gmail.com wrote:

 Can't load
 '/usr/perl5/site_perl/5.8.4/sun4-solaris-64int/auto/APR/Request/Request.so'
 for module APR::Request: ld.so.1: httpd: fatal: libgcc_s.so.1: open
 failed: No such file or directory at

Are you trying to mix an Apache built with sunstudio and a Perl built
with gcc?

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] apache 2.2 and ldap group authentication

[Peter Schober]

* Peter Schober peter.scho...@univie.ac.at [2009-05-27 12:33]:
  I have tried a number of configurations for group authenticaiton, all 
  without success.  Following is the current iteration of my apache 
  configuration for the superteam.docs directory:
  
  Directory /files/superteam.docs
 AuthType basic
 AuthName Super Team Members Only
 AuthBasicProvider ldap
 AuthzLDAPAuthoritative on
 AuthLDAPBindDN cn=Manager,dc=my,dc=mydomain,dc=com
 AuthLDAPBindPassword secret
 AuthLDAPGroupAttribute uniqueMember
 AuthLDAPGroupAttributeIsDN off
 AuthLDAPURL 
  ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?cn=SuperTeam?;
 Require ldap-group cn=SuperTeam,ou=groups
 AllowOverride None
 Order allow,deny
 Allow from all
 Options +Includes
 XbitHack on
 /Directory
 
 First, AuthLDAPGroupAttributeIsDN should be on, since obviously your
 (unique)member values *are* DNs.
 (Btw, unless you require the addtional distinguishing values
 uniqueMember allows for -- and from your example you certainly don't
 --  you can just as well use the 'member' attribute. Both 'member' and
 'uniquemember' need their values to be unique.)
 
 Second, your Require ldap-group is somehow truncated, it should be
 the full DN of that group (is there some documentation that implies
 you can just leave away the baseDN or something?)

Third, the AuthLDAPURL doesn't seem to be right (see RFC 4516 for the
specs and examples). After the DN (which identifies the base object
of the LDAP search or the target of a non-search operation.) come the
attributes you request, if you want all you'd still need to supply the
'?' with no parameter, otherwise the only one you're interested here
is (unique)member.
Then comes the scope (limit the search to the base of the object given
as the DN of the URL; to one level below the base object, or to a
subtree search, starting from and including the base object), and only
then comes the filter (which you give as cn=SuperTeam).

And with that filter (which is not interpretefd as a filter, because
it's in the wrong part, which you would see in your slapd.log) you'd
only ever find the group cn=SuperTeam, which is not wrong, but
superfluos, since you're 'require'ing the desired group below anyway
with an apache directive (once the syntax is corrected, see my point
two).

I don't think just leaving all the parts after the DN away (so their
defaults get to be used) will help, since the scope defaults to base,
and you'll need at least 'one' or 'sub', unless you specify the exact
name of the required group in the DN of that AuthLDAPURL (which I
douldn't do, since you'd have to mess with AuthLDAPURL for every
directory; same with the group name in the filter, see above).

So I guess a correct LDAP URL for your setup should be something like this:

AuthLDAPURL 
ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?uniquemember?sub?(objectclass=groupOfUniqueNames)

(The port defaults to 389 so that could be left out as well, I
suppose.)

You could then reuse this AuthLDAPURL for all resources on your
server, adjusting only the require ldap-group directive for the
resource at hand.

And two rather generic hints wrt security:

Note that unless your directory server is on the same box or you
consider your network to be secure, you should not connect to your
slapd without securing at least the transport. For that you'd need to
configure your slapd to allow for TLS/SSL connections and supply
STARTTLS at the end of the LDAP URL (seperated by whitespace).
Instead of the STARTTLS parameter you could use ldaps:// for the
scheme, but note that there is no formal specification for LDAPS (in
contrast to LDAP+STARTTLS, see RFC 4513). So this is deprecated and
should not be used.
Also you really should not ever use the rootdn (I guess that is what
your cn=manager object really is) for anything else but directory
administration. Instead create another DN in your DIT and give this DN
the required permission (ACLs) to search and read group objects.
There are no limits to what the rootdn can do, ACLs are not even
evaluated for the rootdn (it's the rootdn, after all ;) so you can't
limit the power of this DN -- and it's password is in your httpd.conf
in the clear!

cheers,
-peter

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Userid and reverse proxy

[Stefano Sasso]

2009/5/27 Efjestad, Dag dag.efjes...@solvea.no:
    Location /kongsberg
        AuthType basic
        AuthName Requierd users
        AuthUserFile conf/basicauth.sec
        Require user user1 user2 user3
    /Location
    ProxyRequests    Off
    ProxyPass        /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%
    ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%


 The variabel %AuthenticatedUserId% should contain user1, user2 or user3.

 Anyone know a way of solving this problem?

you can try with mod_rewrite and [P]:

RewriteEngine On
RewriteRule ^/kongsberg(.*) http://aeoas02/kongsberg/%{LA-U:REMOTE_USER}$1 [P,L]

bye,
-- 
Stefano Sasso
stesa...@gmail.com
http://www.gnustile.net/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Rewrite doesn't work !!

[ricardo13]

Hi,

I have a web cluster and use mod_rewrite to forward request to cluster,
according with type of request.
There is a external program in directive RewriteMap to classify requests.

My external program:
...
 while(1) {
  fscanf(stdin, %s, input); // read input --- format = /1, or /2, /3
...
  sscanf(strchr(input,'/') + 1, %d, number);  // extract only number
of format

  switch(number) {
case 1: fputs(192.168.1.11, stdout); break;
case 2: fputs(192.168.1.22); break;
default: fprintf(stdout, /bad_url); break;
  }

  fputc('\n', stdout);
  fflush(stdout);

My http.conf:

RewriteEngine on
RewriteLog /usr/local/apache2/logs/rewrite_log
RewriteLogLevel 5
RewriteLock /usr/local/apache2/logs/file.lock
RewriteMap prgmap prg:/usr/local/apache2/admControl

RewriteCond ${prgmap:$1} !=/bad_url
RewriteRule ^/(.*) http://${prgmap:$1}/ [P]

RewriteRule ^(.*) - [F]

My problem is, don't proxy request to cluster. See log file:

(2) init rewrite engine with requested uri /1
(3) applying pattern '^/(.*)' to uri '/1'
(5) map lookup OK: map=prgmap key=1 - val=
(4) RewriteCond: input='' pattern='!=/bad_url' = matched
(5) map lookup OK: map=prgmap key=1 - val=
(2) rewrite '/1' - 'http:///'
(2) forcing proxy-throughput with http:///
(1) go-ahead with proxy request proxy:http:/// [OK]

What's happen ??? Why mod_rewrite doesn't proxy requests to ip address ???

Thank you
Ricardo 
-- 
View this message in context: 
http://www.nabble.com/Rewrite-doesn%27t-work-%21%21-tp23743331p23743331.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Userid and reverse proxy

[Efjestad, Dag]

Thanks but I tried that. 

The problem is that the value of REMOTE_USER has no value. 

I use apache version 2.2

Here are the configuration:

Location /kongsberg
AuthType basic
AuthName LOS
AuthUserFile conf/LOSbasicauth.sec
Require user u1 u2 u3
/Location

   RewriteCond %{REMOTE_HOST} (.*) 
   RewriteRule ^/kongsberg/(.*) http://aeoas02/LOS/kongsberg/%1/$1 [QSA,P,L]

In the access_log I get:
IPADDRESS - u1 [27/May/2009:16:03:25 +0200] GET /kongsberg/ HTTP/1.1 404 343 
- Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0; 
SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30618; InfoPath.2; 
MS-RTC LM 8)


In the rewrite log I get: 
IPADDRESS - - applying pattern '^/kongsberg/(.*)' to uri '/kongsberg/'
IPADDRESS - - RewriteCond: input='' pattern='(.*)' = matched
IPADDRESS - - rewrite '/kongsberg/' - 'http://krsoastest01/test/kongsberg//'
IPADDRESS - - forcing proxy-throughput with http://aeoas02/kongsberg//


I can't see the username in the rewrite log. 


I tried several options but no value in remote_user. 


Tnx, Dag

-Opprinnelig melding-
Fra: Stefano Sasso [mailto:stesa...@gmail.com] 
Sendt: 27. mai 2009 13:14
Til: users@httpd.apache.org
Emne: Re: [us...@httpd] Userid and reverse proxy

2009/5/27 Efjestad, Dag dag.efjes...@solvea.no:
    Location /kongsberg
        AuthType basic
        AuthName Requierd users
        AuthUserFile conf/basicauth.sec
        Require user user1 user2 user3
    /Location
    ProxyRequests    Off
    ProxyPass        /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%
    ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId%


 The variabel %AuthenticatedUserId% should contain user1, user2 or user3.

 Anyone know a way of solving this problem?

you can try with mod_rewrite and [P]:

RewriteEngine On
RewriteRule ^/kongsberg(.*) http://aeoas02/kongsberg/%{LA-U:REMOTE_USER}$1 [P,L]

bye,
-- 
Stefano Sasso
stesa...@gmail.com
http://www.gnustile.net/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] sharing data between two different apache modules

[Atanu]

Thanks Nick for the pointer. Let me try this out in my boxes.

On Wed, May 27, 2009 at 4:09 AM, Nick Kew n...@webthing.com wrote:


 On 26 May 2009, at 22:37, Atanu wrote:

  - The user will still type http://foo.com. This time a mod_proxy handler
 will display a login page. In fact this my own authentication handler
 written in mod_perl. It authenticates using a back end system by accepting
 username and password from the login page.


 This is all fairly standard, and you probably don't really need mod_perl.

  I want the mod_proxy to ProxyPass to the url in the following format

 http://bar.com/bar.pl?sid=APACHE_SESSIONu=UserName


 Since you're using mod_perl, it would be fairly painless to
 append the query string in Perl.  The alternative is to use
 RewriteRule with [P] in place of proxypass.

 --
 Nick Kew

 -
 The official User-To-User support forum of the Apache HTTP Server Project.
 See URL:http://httpd.apache.org/userslist.html for more info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Rewrite doesn't work !!

[Eric Covener]

      sscanf(strchr(input,'/') + 1, %d, number);  // extract only number

        RewriteRule ^/(.*) http://${prgmap:$1}/ [P]

 (5) map lookup OK: map=prgmap key=1 - val=

Decide whether your passing in something with a slash or not.  Does
your program do the right thing when run outside of Apache?


-- 
Eric Covener
cove...@gmail.com

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

[kowa]

I installed Apache as a service as normal, then tried to run it.  It
ran...but it won't read the httpd.conf file.  Even changing the service to
call httpd.exe -k runservice -f (path to conf file) *does not work*.  I
can only run httpd manually, from the command prompt, with the -f
parameter, and get it to read the conf file.

Why???

FYI, nothing shows up in the error log to explain this.  Also, apparently
the registry key pointing to the proper path IS set (HKLM\SOFTWARE\Apache
Software Foundation\Apache\2.2.11 ServerRoot) but isn't being used.

Damon Casale


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

[Sam theman]

I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users 
list. I banged my head against the wall for 2 days, and pieced together a lot 
of confused emails... WHY do apache developers not go the extra half foot and 
publish a doc. They will develop code out the gazoo, but then not tell anyone 
HOW to use it and people wonder why open source software is gradually being 
flushed down the toliet by the Oracle corp's of the world!!



 From: j.zucker...@gmail.com
 Date: Tue, 26 May 2009 19:13:15 -0700
 To: users@httpd.apache.org
 Subject: Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
 
 On Tue, May 26, 2009 at 12:44 PM, Sam theman xray...@hotmail.com wrote:
  Hello,
 
  Can anyone supply the step-by-steps for building apache with FIPS 140-2
  openssl?
 
  Sam
 
  
  Insert movie times and more without leaving Hotmail®. See how.
 
 hotmail ads? lol
 
 -
 The official User-To-User support forum of the Apache HTTP Server Project.
 See URL:http://httpd.apache.org/userslist.html for more info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org
 

_
Hotmail® goes with you. 
http://windowslive.com/Tutorial/Hotmail/Mobile?ocid=TXT_TAGLM_WL_HM_Tutorial_Mobile1_052009

Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

[Eric Covener]

On Wed, May 27, 2009 at 2:44 PM, Sam theman xray...@hotmail.com wrote:
 I was able to build a FIPS 140-2 apache, thanks to nobody at the apache
 users list. I banged my head against the wall for 2 days, and pieced
 together a lot of confused emails...

Quite sorry that nobody stepped up to collect and summarize the old
emails for you.

-- 
Eric Covener
cove...@gmail.com

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

[Frank Gingras]

Sam,

Since you're 'theman', I guess we assumed you'd manage on your own.

Seriously, however, no one is forcing you to use this software. Go ahead 
and use commercial software, we won't mind.


Frank

Sam theman wrote:

I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users 
list. I banged my head against the wall for 2 days, and pieced together a lot 
of confused emails... WHY do apache developers not go the extra half foot and 
publish a doc. They will develop code out the gazoo, but then not tell anyone 
HOW to use it and people wonder why open source software is gradually being 
flushed down the toliet by the Oracle corp's of the world!!



  

From: j.zucker...@gmail.com
Date: Tue, 26 May 2009 19:13:15 -0700
To: users@httpd.apache.org
Subject: Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

On Tue, May 26, 2009 at 12:44 PM, Sam theman xray...@hotmail.com wrote:


Hello,

Can anyone supply the step-by-steps for building apache with FIPS 140-2
openssl?

Sam


Insert movie times and more without leaving Hotmail®. See how.
  

hotmail ads? lol

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




_
Hotmail® goes with you. 
http://windowslive.com/Tutorial/Hotmail/Mobile?ocid=TXT_TAGLM_WL_HM_Tutorial_Mobile1_052009
  




-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

[Peter Schober]

* Sam theman xray...@hotmail.com [2009-05-27 20:45]:
 I was able to build a FIPS 140-2 apache, thanks to nobody at the
 apache users list.

On a more constructive note: docs get written when someone does the
work and puts them together. Find a stable place for your notes and
publish them, so others can find them.
-peter

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!

[Shahriyar Shehi Imanov]

My .htaccess contains following ReWrite rule:

IfModule mod_rewrite.c
RewriteEngine On
RewriteBase /
RewriteRule ^acp/([\/-_a-z0-9\.]*)/index.php/acp/$1   [NC,QSA,L]
RewriteRule ^news/([\/-_a-z0-9\.]*)/index.php/news/$1[NC,QSA,L]
/IfModule

It works fine when I visit pages like:

http://URL.com/acp/components/
http://URL.com/acp/components/index.do
http://URL.com/acp/components/index.do?arg=value
http://URL.com/acp/components/register2.do

etc. However, 403 is issued when I try URL's such as these:

http://URL.com/acp/components/register.do
http://URL.com/acp/components/2register.do
http://URL.com/acp/components/getregister.do

And when I go to:
http://URL.com/acp/components/Register.do

I get redirected by 301 here:
http://URL.com/acp/index..do

IN ALL of my Apache conf files, there are no Aliases, VHosts or anything else
related to the keyword register. I had this problem with some other keywords
as well, in the past, but I am afraid I don't remember them at this moment.

I posted this issue in Bugzilla, but was redirected here to discuss it with the 
fellow users here.
https://issues.apache.org/bugzilla/show_bug.cgi?id=47273
I still don't know what is the ReWrite Log, since my XAMPP Apache, and Fedora 
Apache, both only happen to have access_log and error_log, thats all. My 
access_log has lines like these:

shehi-pc - - [27/May/2009:19:28:31 +0300] GET /acp/components/register2.do 
HTTP/1.1 200 261
shehi-pc - - [27/May/2009:19:29:11 +0300] GET /acp/components/while.do 
HTTP/1.1 200 261
shehi-pc - - [27/May/2009:19:29:20 +0300] GET /acp/components/if.do HTTP/1.1 
200 261
shehi-pc - - [27/May/2009:19:29:27 +0300] GET /acp/components/2register.do 
HTTP/1.1 403 1123
shehi-pc - - [27/May/2009:19:29:47 +0300] GET /acp/components/getregister.do 
HTTP/1.1 403 1123
shehi-pc - - [27/May/2009:19:30:06 +0300] GET /acp/components/geTregister.do 
HTTP/1.1 403 1123
shehi-pc - - [27/May/2009:19:30:18 +0300] GET /acp/components/Register.do 
HTTP/1.1 301 547
shehi-pc - - [27/May/2009:19:30:18 +0300] GET /acp/index..do HTTP/1.1 403 1123
shehi-pc - - [27/May/2009:19:30:33 +0300] GET /acp/components/asregister.do 
HTTP/1.1 403 1123
shehi-pc - - [27/May/2009:19:30:41 +0300] GET /acp/components/egister.do 
HTTP/1.1 200 261
shehi-pc - - [27/May/2009:19:30:47 +0300] GET /acp/components/Register.do 
HTTP/1.1 301 547
shehi-pc - - [27/May/2009:19:30:47 +0300] GET /acp/index..do HTTP/1.1 403 1123
shehi-pc - - [27/May/2009:19:32:18 +0300] GET /acp/components/send.do 
HTTP/1.1 200 261
shehi-pc - - [27/May/2009:19:32:25 +0300] GET /acp/components/members.do 
HTTP/1.1 200 261
shehi-pc - - [27/May/2009:19:32:28 +0300] GET /acp/components/member.do 
HTTP/1.1 200 261
shehi-pc - - [27/May/2009:19:32:31 +0300] GET /acp/components/users.do 
HTTP/1.1 200 261

Nothing inside error_log though [I thought 404, 403 and alike are considered to 
be errors, guess they are not :) ].

ANY help, support, tip, suggestion to solve, or at least identify this problem
is welcome!

Shehi

Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

[mboxdario-apache]

Not the best answers.

But it was not a good question neither.

Can anyone supply the step-by-steps for building apache with FIPS 140-2 
openssl? is NOT a good question. There is a guide you should have readed 
before, about how to ask good questions.

Because the answer is:
Yes. I'm almost sure somebody can do it.

Community answers are not always right to the point. You are not paying.

The good thing about open source is that now that you know the answer, YOU can 
publish it.

And you should have asked:
subject: building an apache with openssl fips 140-2
I have made this, this and this. I have problems with THIS. Later I will do 
that other thing. which documentation should I read?

I use 'alfa' linux, with apache version x.y.z, and openssl version H.




 El mié 27-may-09, Frank Gingras francois.ging...@gmail.com escribió:

 De: Frank Gingras francois.ging...@gmail.com
 Asunto: Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
 Para: users@httpd.apache.org
 Fecha: miércoles, 27 de mayo de 2009, 3:51 pm
 Sam,
 
 Since you're 'theman', I guess we assumed you'd manage on
 your own.
 
 Seriously, however, no one is forcing you to use this
 software. Go ahead 
 and use commercial software, we won't mind.
 
 Frank
 
 Sam theman wrote:
  I was able to build a FIPS 140-2 apache, thanks to
 nobody at the apache users list. I banged my head against
 the wall for 2 days, and pieced together a lot of confused
 emails... WHY do apache developers not go the extra half
 foot and publish a doc. They will develop code out the
 gazoo, but then not tell anyone HOW to use it and people
 wonder why open source software is gradually being flushed
 down the toliet by the Oracle corp's of the world!!
 
 
 
    
  From: j.zucker...@gmail.com
  Date: Tue, 26 May 2009 19:13:15 -0700
  To: users@httpd.apache.org
  Subject: Re: [us...@httpd] How do you build a FIPS
 140-2 apache ?!?!?!
 
  On Tue, May 26, 2009 at 12:44 PM, Sam theman
 xray...@hotmail.com
 wrote:
      
  Hello,
 
  Can anyone supply the step-by-steps for
 building apache with FIPS 140-2
  openssl?
 
  Sam
 
  
  Insert movie times and more without leaving
 Hotmail®. See how.
        
  hotmail ads? lol
 
 
 -
  The official User-To-User support forum of the
 Apache HTTP Server Project.
  See URL:http://httpd.apache.org/userslist.html for more
 info.
  To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
        from the digest:
 users-digest-unsubscr...@httpd.apache.org
  For additional commands, e-mail: users-h...@httpd.apache.org
 
      
 
 
 _
  Hotmail® goes with you. 
  http://windowslive.com/Tutorial/Hotmail/Mobile?ocid=TXT_TAGLM_WL_HM_Tutorial_Mobile1_052009
    
 
 
 
 -
 The official User-To-User support forum of the Apache HTTP
 Server Project.
 See URL:http://httpd.apache.org/userslist.html for more
 info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org
 
 


  

¡Viví la mejor experiencia en la web!
Descargá gratis el nuevo Internet Explorer 8
http://downloads.yahoo.com/ieak8/?l=ar

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Userid and reverse proxy

[Stefano Sasso]

2009/5/27 Efjestad, Dag dag.efjes...@solvea.no:
 I tried several options but no value in remote_user.

did you try with LA-U? from apache mod_rewrite docs:

For instance, to rewrite according to the REMOTE_USER variable from
within the per-server context (httpd.conf file) you must use
%{LA-U:REMOTE_USER} - this variable is set by the authorization
phases, which come after the URL translation phase (during which
mod_rewrite operates).

bye,
-- 
Stefano Sasso
stesa...@gmail.com
http://www.gnustile.net/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!

[Eric Covener]

What happens when you remove rewrite from the equation and just send
the requests through your index.php?

IOW, is the 403 issued by the PHP code?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Unable to run ./configure when install apache http server.Error: decision on anonymous shared memory allocation method failed

[Kristof Zelechovski]

Well, the log you have got is not complete, in that the crucial work is
delegated to a subshell that is not being logged.  What is interesting here
is the preceding line starting with a '+'.  You have snipped that one,
unfortunately.
Try changing ac_configure and friends to '/bin/sh -x ...'; you shall have to
figure out where it is defined and how to tweak it.  I suggest setting SHELL
to '/bin/sh -x'.  Also, bash has a way to set command-line options through
an environment variable; if everything else fails, you can also use this
method.
And remember to start clean each time!
BTW, there are free bulletin board (Web clipboard) services that allow you
to paste clipboard text for instant viewing via HTTP.  Most IRC channels
link to such a service.  You could use one of them as well.
Chris

-Original Message-
From: Nguyen Tien Duong [mailto:duong...@fsoft.com.vn] 
Sent: Wednesday, May 27, 2009 6:29 AM
To: users@httpd.apache.org
Subject: RE: [us...@httpd] Unable to run ./configure when install apache
http server.Error: decision on anonymous shared memory allocation method
failed


Dear 

Thanks a lot for your suggestion. I have done as instructed and got more
information.

However looking at the data printed on the screen, i have not quite got the
cause of the problem. That is no code that checks for size of or the content
of generated conftest.c

I copy the content of the log, I am sorry for the inconvenient of the long
chunk of data since the network policy at the company does not allow Upload
file feature.

Step to perform 

sh -x configure --prefix=/home1/apache --enable-so --with-included-apr

Output 
...
checking for mmap that can map /dev/zero... no
decision on anonymous shared memory allocation method... 4.4BSD-style mmap()
via MAP_ANON
decision on namebased memory allocation method... mmap() via POSIX.1
[snip]
+ eval 'ac_val=$BASH'
++ ac_val=/bin/sh
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$BASH_ARGC'
++ ac_val=3
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$BASH_ARGV'
++ ac_val=--with-included-apr
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$BASH_LINENO'
++ ac_val=0
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$BASH_SOURCE'
++ ac_val=configure
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$BASH_VERSINFO'
++ ac_val=3
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$BASH_VERSION'
++ ac_val='3.2.25(1)-release'
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$CATALINA_HOME'
++ ac_val=/home1/tomcat
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$COLORTERM'
++ ac_val=gnome-terminal
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$DBUS_SESSION_BUS_ADDRESS'
++
ac_val=unix:abstract=/tmp/dbus-GXbh0B8HqR,guid=0c501b4abca3bd3810fd6fb6a6704
000
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$DESKTOP_SESSION'
++ ac_val=default
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$DESKTOP_STARTUP_ID'
++ ac_val=
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$DIRSTACK'
++ ac_val='~/setups/apache_2.2.11/linux/httpd-2.2.11/srclib/apr'
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$DISPLAY'
++ ac_val=:0.0
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$DUALCASE'
++ ac_val=1
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$ECHO_C'
++ ac_val=
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$ECHO_N'
++ ac_val=-n
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$ECHO_T'
++ ac_val=
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$EUID'
++ ac_val=0
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$GDMSESSION'
++ ac_val=default
+ case $ac_val in
+ for ac_var in '`(set) 21 | sed -n
'\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`'
+ eval 'ac_val=$GDM_XSERVER_LOCATION'
++ ac_val=local
+ case $ac_val in
+ for ac_var in 

Re: [us...@httpd] Rewrite doesn't work !!

[ricardo figueiredo]

Hi,

I run the program outside of Apache, and it works perfeclty (How I would
like). When typed 'http://localhost/1' in browser, the variable number is
assigned value 1.

Why mod_rewrite doesn't rewrite URL ??? I'm writing IP address to output
program.

Thank You
Ricardo


On Wed, May 27, 2009 at 3:04 PM, Eric Covener cove...@gmail.com wrote:

   sscanf(strchr(input,'/') + 1, %d, number);  // extract only
 number

 RewriteRule ^/(.*) http://${prgmap:$1}/ [P]

  (5) map lookup OK: map=prgmap key=1 - val=

 Decide whether your passing in something with a slash or not.  Does
 your program do the right thing when run outside of Apache?


 --
 Eric Covener
 cove...@gmail.com

 -
 The official User-To-User support forum of the Apache HTTP Server Project.
 See URL:http://httpd.apache.org/userslist.html for more info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org




-- 
Muito Obrigado

Ricardo

Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!

[Shahriyar Shehi Imanov]

hi again eric,

i thought about that... i am coding cms, so redirections made by code are 
traceable. no, software [php that is] is not doing this. why would it do 
that only with one word [register in this case] anyway?


As you said, I accessed pages through index.php, like:
http://URL.com/index.php/acp/components/register.do

interestingly got 403 again? But why? Its 100% not PHP, or my code [since I 
am able to mark all redirections and identify them]... Why I can't access 
[403]:

http://URL.com/index.php/acp/components/register.do or
http://URL.com/index.php/acp/components/getregister.do or
http://URL.com/index.php/acp/components/2312register.do

whereas I can access everything else like
http://URL.com/index.php/acp/components/registerasdasd.do
http://URL.com/index.php/acp/components/register2.do
http://URL.com/index.php/acp/components/foobar.do
http://URL.com/index.php/acp/components/while.do

I even can access these [200]:
http://URL.com/index.php/acp/register
http://URL.com/index.php/acp/Register.do

Again but not these:
http://URL.com/index.php/acp/register.do [403]
http://URL.com/index.php/acp/Register.do [301]

But again, forget 301's... Code only does 301. Why 403's do occur?! I 
realize this is not mod-rewrite related now :)



Shehi

- Original Message - 
From: Eric Covener cove...@gmail.com

To: users@httpd.apache.org
Sent: Wednesday, May 27, 2009 10:24 PM
Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved 
word?!




What happens when you remove rewrite from the equation and just send
the requests through your index.php?

IOW, is the 403 issued by the PHP code?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

[William A. Rowe, Jr.]

k...@redshift.com wrote:
 I installed Apache as a service as normal, then tried to run it.  It
 ran...but it won't read the httpd.conf file.  Even changing the service to
 call httpd.exe -k runservice -f (path to conf file) *does not work*.  I
 can only run httpd manually, from the command prompt, with the -f
 parameter, and get it to read the conf file.
 
 Why???

Not enough info for anyone to give you an answer.  Some thoughts; don't mess
with the HKLM\Services key ever, always use httpd.exe -k config.  Another
thought - using UAC?  If you don't understand how it can hide file changes
and keep them private to your login, disable it.  You changed the run-as
user of the httpd service?  Perhaps it doesn't have write access to the logs
directory.  Perhaps you broke permissions on the volume for the SYSTEM (aka
LocalSystem) account?  It needs list and read directory permission all the
way from the root to all of the files it uses or serves.


 FYI, nothing shows up in the error log to explain this.  Also, apparently
 the registry key pointing to the proper path IS set (HKLM\SOFTWARE\Apache
 Software Foundation\Apache\2.2.11 ServerRoot) but isn't being used.

Note early startup errors are recorded to the Application Event Log.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!

[Shahriyar Shehi Imanov]

Ok, let me make this easier for you guys:

http://www.audith.net/acp/components/index.do

is our example page. If you are using some sniffer program, or header reader 
[like FF extension LiveHTTP headers. ], you can see that pages my code 
produces, have this header : X-Powered-By: Audith CMS codename Persephone. 
So, as you can see, URL like


http://www.audith.net/acp/components/register2.do

is mine, an expected result - whereas

http://www.audith.net/acp/components/register.do

is not.

Shehi

- Original Message - 
From: Shahriyar Shehi Imanov sh...@imanov.name

To: users@httpd.apache.org
Sent: Wednesday, May 27, 2009 10:41 PM
Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved 
word?!




hi again eric,

i thought about that... i am coding cms, so redirections made by code are 
traceable. no, software [php that is] is not doing this. why would it do 
that only with one word [register in this case] anyway?


As you said, I accessed pages through index.php, like:
http://URL.com/index.php/acp/components/register.do

interestingly got 403 again? But why? Its 100% not PHP, or my code [since 
I am able to mark all redirections and identify them]... Why I can't 
access [403]:

http://URL.com/index.php/acp/components/register.do or
http://URL.com/index.php/acp/components/getregister.do or
http://URL.com/index.php/acp/components/2312register.do

whereas I can access everything else like
http://URL.com/index.php/acp/components/registerasdasd.do
http://URL.com/index.php/acp/components/register2.do
http://URL.com/index.php/acp/components/foobar.do
http://URL.com/index.php/acp/components/while.do

I even can access these [200]:
http://URL.com/index.php/acp/register
http://URL.com/index.php/acp/Register.do

Again but not these:
http://URL.com/index.php/acp/register.do [403]
http://URL.com/index.php/acp/Register.do [301]

But again, forget 301's... Code only does 301. Why 403's do occur?! I 
realize this is not mod-rewrite related now :)



Shehi

- Original Message - 
From: Eric Covener cove...@gmail.com

To: users@httpd.apache.org
Sent: Wednesday, May 27, 2009 10:24 PM
Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a 
reserved word?!




What happens when you remove rewrite from the equation and just send
the requests through your index.php?

IOW, is the 403 issued by the PHP code?

-
The official User-To-User support forum of the Apache HTTP Server 
Project.

See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!

[Shahriyar Shehi Imanov]

BLOODY HELL, I can't believe my dumbness :D

I prepended my .htaccess with PERISHABLE PRESS 4G BLACKLIST for protection 
purposes, and it was the reason. Removed it and everything was fixed. I 
apologize guys for wasting your time here, and Eric, sorry for the earlier one 
:D. Thanks everyone for help. Matt, I will think about your go for simple 
suggestion, thanks.


Their code is as follows:

### PERISHABLE PRESS 4G BLACKLIST ###

# ESSENTIALS
RewriteEngine on
ServerSignature Off
Options All -Indexes
Options +FollowSymLinks

# FILTER REQUEST METHODS
IfModule mod_rewrite.c
 RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
 RewriteRule ^(.*)$ - [F,L]
/IfModule

# BLACKLIST CANDIDATES
Limit GET POST PUT
 Order Allow,Deny
 Allow from all
 Deny from 75.126.85.215   # blacklist candidate 2008-01-02 = admin-ajax.php 
attack 
 Deny from 128.111.48.138  # blacklist candidate 2008-02-10 = cryptic 
character strings 
 Deny from 87.248.163.54   # blacklist candidate 2008-03-09 = block 
administrative attacks 
 Deny from 84.122.143.99   # blacklist candidate 2008-04-27 = block clam store 
loser 
 Deny from 210.210.119.145 # blacklist candidate 2008-05-31 = block _vpi.xml 
attacks 
 Deny from 66.74.199.125   # blacklist candidate 2008-10-19 = block mindless 
spider running 
 Deny from 203.55.231.100  # 1048 attacks in 60 minutes
 Deny from 24.19.202.10# 1629 attacks in 90 minutes
/Limit

# QUERY STRING EXPLOITS
IfModule mod_rewrite.c
 RewriteCond %{QUERY_STRING} \.\.\/[NC,OR]
 RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
 RewriteCond %{QUERY_STRING} tag\= [NC,OR]
 RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
 RewriteCond %{QUERY_STRING} http\:[NC,OR]
 RewriteCond %{QUERY_STRING} https\:   [NC,OR]
 RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|||'||;|\?|\*).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* 
[NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* 
[NC]
 RewriteRule ^(.*)$ - [F,L]
/IfModule

# CHARACTER STRINGS
IfModule mod_alias.c
 # BASIC CHARACTERS
 RedirectMatch 403 \,
 RedirectMatch 403 \:
 RedirectMatch 403 \;
 RedirectMatch 403 \=
 RedirectMatch 403 \@
 RedirectMatch 403 \[
 RedirectMatch 403 \]
 RedirectMatch 403 \^
 RedirectMatch 403 \`
 RedirectMatch 403 \{
 RedirectMatch 403 \}
 RedirectMatch 403 \~
 RedirectMatch 403 \
 RedirectMatch 403 \$
 RedirectMatch 403 \
 RedirectMatch 403 \
 RedirectMatch 403 \|
 RedirectMatch 403 \.\.
 RedirectMatch 403 \/\/
 RedirectMatch 403 \%0
 RedirectMatch 403 \%A
 RedirectMatch 403 \%B
 RedirectMatch 403 \%C
 RedirectMatch 403 \%D
 RedirectMatch 403 \%E
 RedirectMatch 403 \%F
 RedirectMatch 403 \%22
 RedirectMatch 403 \%27
 RedirectMatch 403 \%28
 RedirectMatch 403 \%29
 RedirectMatch 403 \%3C
 RedirectMatch 403 \%3E
 RedirectMatch 403 \%3F
 RedirectMatch 403 \%5B
 RedirectMatch 403 \%5C
 RedirectMatch 403 \%5D
 RedirectMatch 403 \%7B
 RedirectMatch 403 \%7C
 RedirectMatch 403 \%7D
 # COMMON PATTERNS
 RedirectMatch 404 wp\_
 Redirectmatch 403 \_vpi
 RedirectMatch 403 \.inc
 Redirectmatch 403 xAou6
 Redirectmatch 403 db\_name
 Redirectmatch 403 select\(
 Redirectmatch 403 convert\(
 Redirectmatch 403 \/query\/
 RedirectMatch 403 ImpEvData
 Redirectmatch 403 \.XMLHTTP
 Redirectmatch 403 proxydeny
 RedirectMatch 403 function\.
 Redirectmatch 403 remoteFile
 Redirectmatch 403 servername
 Redirectmatch 403 \rptmode\=
 Redirectmatch 403 sys\_cpanel
 RedirectMatch 403 db\_connect
 RedirectMatch 403 doeditconfig
 RedirectMatch 403 check\_proxy
 Redirectmatch 403 system\_user
 Redirectmatch 403 \/\(null\)\/
 Redirectmatch 403 clientrequest
 Redirectmatch 403 option\_value
 RedirectMatch 403 ref\.outcontrol
 # SPECIFIC EXPLOITS
 RedirectMatch 403 errors\.
 RedirectMatch 403 config\.
 RedirectMatch 403 include\.
 RedirectMatch 403 display\.
 RedirectMatch 403 register\.
 Redirectmatch 403 password\.
 RedirectMatch 403 maincore\.
 RedirectMatch 403 authorize\.
 Redirectmatch 403 macromates\.
 RedirectMatch 403 head\_auth\.
 RedirectMatch 403 submit\_links\.
 RedirectMatch 403 change\_action\.
 Redirectmatch 403 com\_facileforms\/
 RedirectMatch 403 admin\_db\_utilities\.
 RedirectMatch 403 admin\.webring\.docs\.
 Redirectmatch 403 Table\/Latest\/index\.
/IfModule

Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!

[matt farey]

We can all be dumb as you saw from my mistakes!!
Sometimes the - in a regular expression gets interpreted as a range identifier, 
sometimes rewritebase can lead to non portability.
And annoyingly once you have all this stuff set up, optimisation (of headers) 
can get thrown, see yahoo performance blog to see how much complexity you will 
have to add to your index.php controller if you are including files from the 
file system to create your CMS.

Basically you are writing you own server piggybacking on apache and probably 
all for the sake of search engine friendly URLs!

Good luck with it though, next stop meta data and Lucene indexing via Zend 
eh

Matt
Sent from my BlackBerry® wireless device

-Original Message-
From: Shahriyar \Shehi\ Imanov sh...@imanov.name

Date: Wed, 27 May 2009 23:18:56 
To: users@httpd.apache.org
Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved 
word?!

BLOODY HELL, I can't believe my dumbness :D

I prepended my .htaccess with PERISHABLE PRESS 4G BLACKLIST for protection 
purposes, and it was the reason. Removed it and everything was fixed. I 
apologize guys for wasting your time here, and Eric, sorry for the earlier one 
:D. Thanks everyone for help. Matt, I will think about your go for simple 
suggestion, thanks.


Their code is as follows:

### PERISHABLE PRESS 4G BLACKLIST ###

# ESSENTIALS
RewriteEngine on
ServerSignature Off
Options All -Indexes
Options +FollowSymLinks

# FILTER REQUEST METHODS
IfModule mod_rewrite.c
 RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
 RewriteRule ^(.*)$ - [F,L]
/IfModule

# BLACKLIST CANDIDATES
Limit GET POST PUT
 Order Allow,Deny
 Allow from all
 Deny from 75.126.85.215   # blacklist candidate 2008-01-02 = admin-ajax.php 
attack 
 Deny from 128.111.48.138  # blacklist candidate 2008-02-10 = cryptic 
character strings 
 Deny from 87.248.163.54   # blacklist candidate 2008-03-09 = block 
administrative attacks 
 Deny from 84.122.143.99   # blacklist candidate 2008-04-27 = block clam store 
loser 
 Deny from 210.210.119.145 # blacklist candidate 2008-05-31 = block _vpi.xml 
attacks 
 Deny from 66.74.199.125   # blacklist candidate 2008-10-19 = block mindless 
spider running 
 Deny from 203.55.231.100  # 1048 attacks in 60 minutes
 Deny from 24.19.202.10# 1629 attacks in 90 minutes
/Limit

# QUERY STRING EXPLOITS
IfModule mod_rewrite.c
 RewriteCond %{QUERY_STRING} \.\.\/[NC,OR]
 RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
 RewriteCond %{QUERY_STRING} tag\= [NC,OR]
 RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
 RewriteCond %{QUERY_STRING} http\:[NC,OR]
 RewriteCond %{QUERY_STRING} https\:   [NC,OR]
 RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|||'||;|\?|\*).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* 
[NC,OR]
 RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* 
[NC]
 RewriteRule ^(.*)$ - [F,L]
/IfModule

# CHARACTER STRINGS
IfModule mod_alias.c
 # BASIC CHARACTERS
 RedirectMatch 403 \,
 RedirectMatch 403 \:
 RedirectMatch 403 \;
 RedirectMatch 403 \=
 RedirectMatch 403 \@
 RedirectMatch 403 \[
 RedirectMatch 403 \]
 RedirectMatch 403 \^
 RedirectMatch 403 \`
 RedirectMatch 403 \{
 RedirectMatch 403 \}
 RedirectMatch 403 \~
 RedirectMatch 403 \
 RedirectMatch 403 \$
 RedirectMatch 403 \
 RedirectMatch 403 \
 RedirectMatch 403 \|
 RedirectMatch 403 \.\.
 RedirectMatch 403 \/\/
 RedirectMatch 403 \%0
 RedirectMatch 403 \%A
 RedirectMatch 403 \%B
 RedirectMatch 403 \%C
 RedirectMatch 403 \%D
 RedirectMatch 403 \%E
 RedirectMatch 403 \%F
 RedirectMatch 403 \%22
 RedirectMatch 403 \%27
 RedirectMatch 403 \%28
 RedirectMatch 403 \%29
 RedirectMatch 403 \%3C
 RedirectMatch 403 \%3E
 RedirectMatch 403 \%3F
 RedirectMatch 403 \%5B
 RedirectMatch 403 \%5C
 RedirectMatch 403 \%5D
 RedirectMatch 403 \%7B
 RedirectMatch 403 \%7C
 RedirectMatch 403 \%7D
 # COMMON PATTERNS
 RedirectMatch 404 wp\_
 Redirectmatch 403 \_vpi
 RedirectMatch 403 \.inc
 Redirectmatch 403 xAou6
 Redirectmatch 403 db\_name
 Redirectmatch 403 select\(
 Redirectmatch 403 convert\(
 Redirectmatch 403 \/query\/
 RedirectMatch 403 ImpEvData
 Redirectmatch 403 \.XMLHTTP
 Redirectmatch 403 proxydeny
 RedirectMatch 403 function\.
 Redirectmatch 403 remoteFile
 Redirectmatch 403 servername
 Redirectmatch 403 \rptmode\=
 Redirectmatch 403 sys\_cpanel
 RedirectMatch 403 db\_connect
 RedirectMatch 403 doeditconfig
 RedirectMatch 403 check\_proxy
 Redirectmatch 403 system\_user
 Redirectmatch 403 \/\(null\)\/
 Redirectmatch 403 clientrequest
 Redirectmatch 403 option\_value
 RedirectMatch 403 ref\.outcontrol
 # SPECIFIC EXPLOITS
 RedirectMatch 403 errors\.
 RedirectMatch 403 config\.
 RedirectMatch 403 include\.
 RedirectMatch 403 display\.
 RedirectMatch 403 register\.
 

Re: [us...@httpd] Rewrite doesn't work !!

[ricardo figueiredo]

Great Eric,

You're right !!!  The problem was the slash in RewriteRule (RewriteRule
^/(.*) http://${prgmap:$1}/ [P] ).

Now, I have one more doubt.

My external program forward request with URL with final /1, or /2 and others
URL  (for example, /3, /4, /5, etc...) I would like drop.
The external program drops request rewriting URL to /bad_url.

My httpd.conf has these directive and It means for me:

RewriteCond ${prgmap:$1} =/bad_url   # if (prgmap == /bad_url)
RewriteRule (.*) - [F]  # drop
request
RewriteRule ^(.*) http://${prgmap:$1}/ [P] # else forward to machine
with IP address

But, When external program rewrite to /bad_url then happen it.

(2) init rewrite engine with requested uri /1
(3) applying pattern '${prgmap:$1}' to uri '/1'
(3) applying pattern '^(.*)' to uri '/1'
(5) map lookup OK: map=prgmap key=/1 - val=/bad_url
(2) rewrite '/1' - 'http:///bad_url/'
(2) forcing proxy-throughput with http:///bad_url/
(1) go-ahead with proxy request proxy:http:///bad_url/ [OK]

How I drop request instead forward to cluster ???

Thank you
Ricardo





On Wed, May 27, 2009 at 4:29 PM, ricardo figueiredo 
ricardoogra...@gmail.com wrote:

 Hi,

 I run the program outside of Apache, and it works perfeclty (How I would
 like). When typed 'http://localhost/1' in browser, the variable number is
 assigned value 1.

 Why mod_rewrite doesn't rewrite URL ??? I'm writing IP address to output
 program.

 Thank You
 Ricardo



 On Wed, May 27, 2009 at 3:04 PM, Eric Covener cove...@gmail.com wrote:

   sscanf(strchr(input,'/') + 1, %d, number);  // extract only
 number

 RewriteRule ^/(.*) http://${prgmap:$1}/ [P]

  (5) map lookup OK: map=prgmap key=1 - val=

 Decide whether your passing in something with a slash or not.  Does
 your program do the right thing when run outside of Apache?


 --
 Eric Covener
 cove...@gmail.com

 -
 The official User-To-User support forum of the Apache HTTP Server Project.
 See URL:http://httpd.apache.org/userslist.html for more info.
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org




 --
 Muito Obrigado

 Ricardo




-- 
Muito Obrigado

Ricardo

Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!

[Shahriyar Shehi Imanov]

Lol yea, you guessed quite right. Until recently I was a PEAR user, but 
switched to Zend FW recently. Although Zend Db's Zend_Db_Select is a pain in 
ass, I managed to port everything to my existing Db handlers. Optimization is 
the concern at the moment, but I am sure it won't be hard to overcome those. I 
generally try to write RDBMS-independent system you know.

For search I plan to use Zend_Search_Lucene, although its completely new 
concept for me. I was kinda go easy guy, was planning to use plain MYSQL FULL 
TEXT search, but as Da Vinci says: “Simplicity is the ultimate sophistication.” 
:D Plus FULL TEXT idea wouldn't work on other RDBMS's. So, guess I will have to 
use sophisticated tools after all.

Thanks again for everything.

Shehi

Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

[kowa]

 k...@redshift.com wrote:
 I installed Apache as a service as normal, then tried to run it.  It
 ran...but it won't read the httpd.conf file.  Even changing the
 service to call httpd.exe -k runservice -f (path to conf file) *does
 not work*.  I can only run httpd manually, from the command prompt,
 with the -f parameter, and get it to read the conf file.

 Why???

 Not enough info for anyone to give you an answer.  Some thoughts; don't
 mess with the HKLM\Services key ever, always use httpd.exe -k config.

httpd.exe -k config output:

C:\Program Files\Apache Software Foundation\Apache2.2\binhttpd.exe -k config
Reconfiguring the Apache2.2 service
The Apache2.2 service is successfully installed.
Testing httpd.conf
Errors reported here must be corrected before the service can be started.

But no errors are output, and nothing shows up in the error log or the
application event log either.

 Another
 thought - using UAC?  If you don't understand how it can hide file
 changes and keep them private to your login, disable it.  You changed
 the run-as user of the httpd service?  Perhaps it doesn't have write
 access to the logs directory.  Perhaps you broke permissions on the
 volume for the SYSTEM (aka LocalSystem) account?  It needs list and
 read directory permission all the way from the root to all of the files
 it uses or serves.

1) I disabled UAC.  Doesn't help (although I much prefer a lot fewer
warning dialogs!)
2) Didn't change the run-as user of httpd.  It HAS write access to the log
file, because when I try to access a file in my browser when running httpd
as a service, I get this in the log file:

[Wed May 27 17:30:04 2009] [error] [client 127.0.0.1] File does not exist:
C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/test.html

In httpd.conf, I have the document root pointing to a different folder, so
that's how I know it's not reading httpd.conf.

 FYI, nothing shows up in the error log to explain this.  Also,
 apparently the registry key pointing to the proper path IS set
 (HKLM\SOFTWARE\Apache Software Foundation\Apache\2.2.11 ServerRoot)
 but isn't being used.

 Note early startup errors are recorded to the Application Event Log.

Nothing in there either.

Hlp...

Damon


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

[kowa]

Well, I solved it even though I have no idea what was going on.  After
disabling UAC, I happened to glance at the httpd.conf again and it was
back to the default.  I edited it AGAIN to set the correct configuration
and lo and behold, now I can run httpd as a service.

Did UAC do that?

If it did, it's just plain evil...

Damon


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Reverse proxy+Certs

[Luis Daniel Lucio Quiroz]

Hi there

We have successfully install apache as normal reverse proxy, but now as a 
new requirement, real servers uses PKI for authenticate a site (mainly 
certificates) instead of using plain or digest.

Of course, apache as we have fails.  Does anyone has a guide of what should we 
do in this case?

Best Regards,

LD

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

[Frank Gingras]

Damon,

UAC is likely to revert changes to config files, yes, without warning.

Evil it is.

Frank

k...@redshift.com wrote:

Well, I solved it even though I have no idea what was going on.  After
disabling UAC, I happened to glance at the httpd.conf again and it was
back to the default.  I edited it AGAIN to set the correct configuration
and lo and behold, now I can run httpd as a service.

Did UAC do that?

If it did, it's just plain evil...

Damon


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

[William A. Rowe, Jr.]

k...@redshift.com wrote:
 k...@redshift.com wrote:
 I installed Apache as a service as normal, then tried to run it.  It
 ran...but it won't read the httpd.conf file.  Even changing the
 service to call httpd.exe -k runservice -f (path to conf file) *does
 not work*.  I can only run httpd manually, from the command prompt,
 with the -f parameter, and get it to read the conf file.

 Why???
 Not enough info for anyone to give you an answer.  Some thoughts; don't
 mess with the HKLM\Services key ever, always use httpd.exe -k config.
 
 httpd.exe -k config output:
 
 C:\Program Files\Apache Software Foundation\Apache2.2\binhttpd.exe -k config
 Reconfiguring the Apache2.2 service
 The Apache2.2 service is successfully installed.
 Testing httpd.conf
 Errors reported here must be corrected before the service can be started.

defaults to;
 C:\Program Files\Apache Software Foundation\Apache2.2\conf\httpd.conf

you moved httpd.conf?  Then you must

httpd.exe -k config -d ServerRootDir -f PathTohttpd.conf

 In httpd.conf, I have the document root pointing to a different folder, so
 that's how I know it's not reading httpd.conf.

on the local drive or on the network?


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

[Jeff Shearer]

It sure would be great if Sam the man would publish his notes so others 
wouldn't suffer the same learning frustration as Sam.


Peter Schober wrote:

* Sam theman xray...@hotmail.com [2009-05-27 20:45]:

I was able to build a FIPS 140-2 apache, thanks to nobody at the
apache users list.


On a more constructive note: docs get written when someone does the
work and puts them together. Find a stable place for your notes and
publish them, so others can find them.
-peter

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!

[Doug Bell]

On May 27, 2009, at 6:37 PM, Jeff Shearer wrote:

I was able to build a FIPS 140-2 apache, thanks to nobody at the
apache users list.

On a more constructive note: docs get written when someone does the
work and puts them together. Find a stable place for your notes and
publish them, so others can find them.
It sure would be great if Sam the man would publish his notes so  
others wouldn't suffer the same learning frustration as Sam.


Or this nobody character. Perhaps s/he should help write some docs  
for us.


Doug Bell -- Senior Developer, Plain Black Corp.
[ http://plainblack.com ]




-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Where to put .htpassd on CentOS?

[Jason Todd Slack-Moehrle]

Hi All,

Where is the proper place to put .htpasswd on CentOS 5.3 so I can  
password protect

directories in /var/www/html?

/etc/httpd/run?

-Jason


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] How does Prefork work?

[CrystalCracker]

Can anyone explain me how exactly prefork works?

StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
ServerLimit 16

I think I got confused between the terms - server, process and thread. If
prefork is a single thread process, what does that ThreadsPerChild mean for
prefork? Lets say, I wan't to support 250 active sessions logged into my
site, what would be a tentative settings to meet the load?


-- 
View this message in context: 
http://www.nabble.com/How-does-Prefork-work--tp23754946p23754946.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Userid and reverse proxy

[Efjestad, Dag]

Yes I tried LA-U without any luck :-(

-Opprinnelig melding-
Fra: Stefano Sasso [mailto:stesa...@gmail.com] 
Sendt: 27. mai 2009 21:20
Til: users@httpd.apache.org
Emne: Re: [us...@httpd] Userid and reverse proxy

2009/5/27 Efjestad, Dag dag.efjes...@solvea.no:
 I tried several options but no value in remote_user.

did you try with LA-U? from apache mod_rewrite docs:

For instance, to rewrite according to the REMOTE_USER variable from
within the per-server context (httpd.conf file) you must use
%{LA-U:REMOTE_USER} - this variable is set by the authorization
phases, which come after the URL translation phase (during which
mod_rewrite operates).

bye,
-- 
Stefano Sasso
stesa...@gmail.com
http://www.gnustile.net/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org