[users@httpd] Detection of apache2 shared memory segment

2011-10-03 Thread Petr Hracek 
Dear users,

sometimes my server could not be started correctly because of shared
memory segment
still exists on the Linux machine:

linux:/usr/sbin # ipcs -m

-- Shared Memory Segments 
keyshmid  owner  perms  bytes  nattch status
0x0310 32768  root  6661  1
0x01071f96 744751107  root  600262144 6
0x52574803 744685572  root  666107724817
0x 229381 root  600655360 2
0x 262150 gdm   600196608 2  dest

linux:/usr/sbin #

How can I recognize what shared memory segment belongs to apache2 webserver?

Thank you in advance.

-- 
Best Regards / S pozdravem
Petr Hracek

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Vanity URL Rewrites Best Practices?

2011-10-03 Thread Scott Gifford 
On Mon, Oct 3, 2011 at 2:25 PM, Nick Tkach  wrote:

> Does anyone have any pointers/suggestions on the best way to do vanity url
> rewrites?
>
> For example,
>
>
>
> http://foo.com/mmh/maintenance_plan/tip?contentCategoryType=MaintenanceTip&id=%2Fwww%2Favm_webapps%2Fmmh%2Fmaintenance-tips%2Fcontent%2Fafter_blizzard.xml
>
>
> Being sent to
>
>
>  http://foo.com/mmh/articles/authored/after-blizzard


Drupal  uses rules like this:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

That is, "if there is no matching file or directory, redirect to an
index.php script and pass the URL in as the parameter q".  That script then
looks up the URL in a database and serves up the right content.

That is a pretty common approach.

Hope this helps,

-Scott.

[users@httpd] Re: Vanity URL Rewrites Best Practices?

2011-10-03 Thread Andrew Schulman 
> For example,
> 
> http://foo.com/mmh/maintenance_plan/tip?contentCategoryType=MaintenanceTip&id=%2Fwww%2Favm_webapps%2Fmmh%2Fmaintenance-tips%2Fcontent%2Fafter_blizzard.xml
> 
> Being sent to
> 
>  http://foo.com/mmh/articles/authored/after-blizzard
> 
> We've got a very frequent process where we'll get a huge block of rewrites
> like this that vary just by the last part and so far just keep going through
> and adding dozens and dozens of new rewrite rules each time.  Surely there
> has to be a better way?  (Ideally that just involve Apache changes and not
> code changes on the back-end)

Are the requests similar enough that you can write a single regular expression,
or maybe two or three, that extracts the useful part from the URL in every case?
For example,

RewriteCond %{REQUEST_URI} ^/mmh/
RewriteCond %{QUERY_STRING} \%2F(\w+)\.xml$
RewriteRule .* /mmh/articles/authored/%1

If you can describe all of the requests in this way or something like it, you're
done.  If not, if each request is so different that it needs its own regular
expression, then it seems you're doomed to keep doing it as you are now.

Good luck,
Andrew.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Vanity URL Rewrites Best Practices?

2011-10-03 Thread Nick Tkach 
Does anyone have any pointers/suggestions on the best way to do vanity url
rewrites?

For example,



http://foo.com/mmh/maintenance_plan/tip?contentCategoryType=MaintenanceTip&id=%2Fwww%2Favm_webapps%2Fmmh%2Fmaintenance-tips%2Fcontent%2Fafter_blizzard.xml


Being sent to


 http://foo.com/mmh/articles/authored/after-blizzard


We've got a very frequent process where we'll get a huge block of rewrites
like this that vary just by the last part and so far just keep going through
and adding dozens and dozens of new rewrite rules each time.  Surely there
has to be a better way?  (Ideally that just involve Apache changes and not
code changes on the back-end)

[users@httpd] SSL Smartcard and Chrome browser

2011-10-03 Thread Margus Pärt 
Hello!


Problem #1

1. Log in to site1.com with Smartcard (and enter PIN1)
2. Go to site2.com and enter with Smartcard


Result:
No PIN1 is asked. (Chrome caches PIN1)



Problem #2

1. Log in to site1.com with Smartcard (SSLCacheTimeout and
KeepAliveTimeout are 1)
2. Try to log in again without Smartcard

Result:
Certificate is not asked again. (Haven't had the time to test, but
Chrome probably keeps TCP session up, so SSL session is never timed
out.)




Any ideas?


Br,
Margus



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] reverse proxy and ldap authentication

2011-10-03 Thread Aurélien PROVIN 
Hi,

I’m trying to install reverse proxy with Apache. But ldap authentication
doen’t seem to work.

When I directly access to the internal website (web.newdomain.com) : no
problem, I have an authentication popup.

When I access via reverse proxy, there is no authentication popup and it
doesn’t work.

I don’t understand why I don’t have authentication popup with reverse
proxy. I can see to logs the “GET /”  in both situations…

Someone can help me ?

Regards,





My virtualhosts for reverse proxy :


ServerAdmin webmas...@mydomain.com
ServerName reverse-pxy.mydomain.com

RedirectPermanent   /   https://reverse-pxy.mydomain.com/

ErrorLog ${APACHE_LOG_DIR}/error_reverse_80.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog ${APACHE_LOG_DIR}/access.log combined






ServerAdmin webmas...@mydomain.com
ServerName reverse-pxy.mydomain.com


ProxyRequests On
ProxyVia full

ProxyPass /server-status !
ProxyPass / http://web.newdomain.com/
ProxyPassReverse / http://web.newdomain.com/


ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel error

CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

SSLEngine on
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key





My virtualhosts for internal web server :


ServerAdmin webmas...@web.newdomain.com
ServerName web.newdomain.com

DocumentRoot /var/www/auth

Alias /no_auth /var/www/no_auth

Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all


ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug

CustomLog ${APACHE_LOG_DIR}/access.log combined





ServerAdmin webmas...@web.newdomain.com
ServerName web.newdomain.com

DocumentRoot /var/www/auth

Options FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
deny from all

AuthType Basic
AuthName "Acces intranet"
AuthBasicProvider ldap
AuthBasicAuthoritative On
AuthzLDAPAuthoritative Off
AuthLDAPBindDN cn=apache,dc=newdomain,dc=com
AuthLDAPBindPassword a_password
AuthLDAPURL "ldap://192.168.0.1
192.168.0.2/ou=myproject,dc=newdomain,dc=com?uid?sub?(objectClass=*)"



Options -Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
Require valid-user


Alias /no_auth /var/www/no_auth

Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all



ErrorLog ${APACHE_LOG_DIR}/error.log

LogLevel error

CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key





See reverse proxy logs :

==> access.log <==
"GET /index.php HTTP/1.0" 302 688 "-" "Mozilla/4.0 (compatible;  )"
"GET /logout.php HTTP/1.0" 200 11699 "-" "Mozilla/4.0 (compatible;  )"



And internal webserver logs :

"GET /index.php HTTP/1.1" 302 412 "-" "Mozilla/4.0 (compatible;  )"

==> error.log <==
[error] [client ***ip reverse***] PHP Notice:  Undefined index: SESSION in
/var/www/auth/./fichier.php on line **


==> access.log <==
"GET /logout.php HTTP/1.1" 200 11346 "-" "Mozilla/4.0 (compatible;  )"



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org