RE: [EMAIL PROTECTED] proxypassreverse redirection
Is there a standard way to send credentials at once instead of displaying auth box ? Fabian -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Joshua Slive Envoyé : lundi 13 février 2006 14:51 À : users@httpd.apache.org Objet : Re: [EMAIL PROTECTED] proxypassreverse redirection On 2/13/06, Frederick, Fabian <[EMAIL PROTECTED]> wrote: > This method works but I'd like to avoid access _only_ without > authentification : > http://site returns 401 with www-auth > > ... But I'm surprised http://user:[EMAIL PROTECTED] works in 2 phases : > > 1.Server returns 401 (why?) > 2.Account is logged; server returns 302 > > How can I recognize http://site from the second http://user:[EMAIL PROTECTED] > ? Is it possible from cgi to check complete url ? The http://user:[EMAIL PROTECTED] thing is completely non-standard and doesn't work at all in most browsers, as far as I know. So how it works in your particular case would depend on the browser's actions, not the servers. Obviously your browser is not sending the credentials until after it receives a 401, which is the standard way to do things in general, but is a little strange given that the browser knows the credentials. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] proxypassreverse redirection
This method works but I'd like to avoid access _only_ without authentification : http://site returns 401 with www-auth ... But I'm surprised http://user:[EMAIL PROTECTED] works in 2 phases : 1.Server returns 401 (why?) 2.Account is logged; server returns 302 How can I recognize http://site from the second http://user:[EMAIL PROTECTED] ? Is it possible from cgi to check complete url ? Fabian -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Joshua Slive Envoyé : vendredi 10 février 2006 15:49 À : users@httpd.apache.org Objet : Re: [EMAIL PROTECTED] proxypassreverse redirection On 2/10/06, Frederick, Fabian <[EMAIL PROTECTED]> wrote: > It's exactly what I need ! 401 with proxyerroroverride displays my new page > but keeps displaying www-auth box.Do you have a sample of such a script I > could use to change 401 -> 404 for instance ? #!/bin/sh echo Status: 301 echo Location: http://yoursite.example.com/path/to/other/page.html echo (Not tested.) Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] proxypassreverse redirection
It's exactly what I need ! 401 with proxyerroroverride displays my new page but keeps displaying www-auth box.Do you have a sample of such a script I could use to change 401 -> 404 for instance ? Fabian -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Joshua Slive Envoyé : jeudi 9 février 2006 19:15 À : users@httpd.apache.org Objet : Re: [EMAIL PROTECTED] proxypassreverse redirection On 2/9/06, Frederick, Fabian <[EMAIL PROTECTED]> wrote: > Is it possible to redirect a proxypassreverse in some cases ? eg > if internal server returns a 401 I'd like to avoid displaying auth box. ProxyErrorOverride may work for this (I haven't tried myself). But you'd need to point ErrorDocument 401 on the proxy server to a cgi script that would rewrite the status code. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] proxypassreverse redirection
Hi, Is it possible to redirect a proxypassreverse in some cases ? eg if internal server returns a 401 I'd like to avoid displaying auth box. Regards, Fabian
RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain
It seems private server is giving 302 : Livehttpheaders gives http/1.x 302 object moved Server : privateserver httpd version Content-length:149 Content-type:text/html Location : https://publicserver X-powered-by:private server The only difference between private server direct interrogation and public server (when authentification is done) is the Fact that GET has no cookie attribute when using public one ... Meanwhile, working directly on private server, each request has Cookie : session-id ... So proxypass works, proxypassreverse works, proxypassreversecookie works ... But browser don't send back a cookie to publicserver as that cookie seems 'attached' to private server ... I declared ProxyPassReverseCookieDomain and ProxyPassReverseCookiePath ProxyPassReverseCookieDomain privateIP publicIP ProxyPassReverseCookiePath / / Regards, Fabian -Message d'origine- De : Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Envoyé : vendredi 16 décembre 2005 14:56 À : users@httpd.apache.org Objet : RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain That's more or less what it usually should be. You need to verify who issues the HTTP 302: the authentication module or the application? A trace from LiveHTTPHeaders would really be useful, because we do not have much to work on here... -ascs -Original Message- From: Frederick, Fabian [mailto:[EMAIL PROTECTED] Sent: Friday, December 16, 2005 2:47 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain I tried with proxypass = proxypassreverse : / http://myprivateserver When authentification is done, there's a loop with always the same response by privateserver : http/1.x 302 object moved Still an error in proxypassreverse Axel ? Regards, Fabian - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain
I tried with proxypass = proxypassreverse : / http://myprivateserver When authentification is done, there's a loop with always the same response by privateserver : http/1.x 302 object moved Still an error in proxypassreverse Axel ? Regards, Fabian -Message d'origine- De : Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Envoyé : vendredi 16 décembre 2005 14:18 À : users@httpd.apache.org Objet : RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain I assume that what is happening is that privateserver issues a redirect to itself which is not rewritten by the reverse proxy, i.e. the Location header of the HTTP 302 is not rewritten. This happens because you do not have the appropriate ProxyPassReverse in your configuration. In order to get more insight into exactly what is going on I suggest that you try using LiveHTTPHeaders with Firefow, or HTTPWatch with IE. These tools will enable you to see the values of all headers in the requests as well as in the responses, and you will be able to modify your ProxyPassReverse statements accordingly. If you cannot figure it out, please post a trace from LiveHTTPHeaders. -ascs -Original Message----- From: Frederick, Fabian [mailto:[EMAIL PROTECTED] Sent: Friday, December 16, 2005 12:08 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain Thanks Axel ! It works now :) But a major problem appears : Here's the scenario : Http//publicserver displays authentification box from private server : Entering name and password for privateserver at publicserver (here before sending, netstat gives no direct link to privateserver). When completed correctly, client receives the cookie BUT appears in address http//privateserver page Netstat gives now a direct link to private server ... Is there a way to avoid this ? IOW to keep this 'tunnel' client -> public server -> private server ? Regards, Fabian -Message d'origine- De : Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Envoyé : mardi 13 décembre 2005 14:29 À : users@httpd.apache.org Objet : RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain After having checked the CHANGES_2.0 file, it seems like ProxyPassReverseCookieDomain has not made it into the 2.0.55 distribution. If you need that functionality you should therefore apply the patch attached to Bugzilla BR 10722 (patch 11915) and recompile the appropriate modules. The order of parameters for ProxyPassReverseCookieDomain (and ProxyPassReverseCookiePath) is the same as for ProxyPass. -ascs -Original Message- From: Frederick, Fabian [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 13, 2005 11:36 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] ProxyPassReverseCookieDomain Hi, Does Apache 2.0.55 able to reverse proxy cookies using ProxyPassReverseCookieDomain ? Maybe someone has a link to a sample config somewhere ? I don't understand ProxyPassReverseCookiePath parameter ... Best regards, Fabian - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain
Thanks Axel ! It works now :) But a major problem appears : Here's the scenario : Http//publicserver displays authentification box from private server : Entering name and password for privateserver at publicserver (here before sending, netstat gives no direct link to privateserver). When completed correctly, client receives the cookie BUT appears in address http//privateserver page Netstat gives now a direct link to private server ... Is there a way to avoid this ? IOW to keep this 'tunnel' client -> public server -> private server ? Regards, Fabian -Message d'origine- De : Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Envoyé : mardi 13 décembre 2005 14:29 À : users@httpd.apache.org Objet : RE: [EMAIL PROTECTED] ProxyPassReverseCookieDomain After having checked the CHANGES_2.0 file, it seems like ProxyPassReverseCookieDomain has not made it into the 2.0.55 distribution. If you need that functionality you should therefore apply the patch attached to Bugzilla BR 10722 (patch 11915) and recompile the appropriate modules. The order of parameters for ProxyPassReverseCookieDomain (and ProxyPassReverseCookiePath) is the same as for ProxyPass. -ascs -Original Message----- From: Frederick, Fabian [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 13, 2005 11:36 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] ProxyPassReverseCookieDomain Hi, Does Apache 2.0.55 able to reverse proxy cookies using ProxyPassReverseCookieDomain ? Maybe someone has a link to a sample config somewhere ? I don't understand ProxyPassReverseCookiePath parameter ... Best regards, Fabian - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] ProxyPassReverseCookieDomain
Hi, Does Apache 2.0.55 able to reverse proxy cookies using ProxyPassReverseCookieDomain ? Maybe someone has a link to a sample config somewhere ? I don't understand ProxyPassReverseCookiePath parameter ... Best regards, Fabian - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] SS>65000 !
You're absolutely right, I thought I add some relevant remaining process but pid column is empty there. Thanks :) Fabian De : Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Envoyé : mardi 13 décembre 2005 09:12À : users@httpd.apache.orgObjet : RE: [EMAIL PROTECTED] SS>65000 ! server-status keeps track of the status of the last request that was served in each slot. SS > 65000 means that at least 65000 seconds have elapsed since the last request served in that particular slot began. There is absolutely nothing wrong with that. -ascs From: Frederick, Fabian [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 13, 2005 9:06 AMTo: users@httpd.apache.orgSubject: [EMAIL PROTECTED] SS>65000 ! Hi, My server status reveals some requests with SS > 65000 for some 'get myfile.txt http/1.0' for instance.What does it mean ? Unclosed files in scripts or something ? What seems strange to me is get somefile.gif with great SS as well :( Best regards, Fabian
[EMAIL PROTECTED] SS>65000 !
Hi, My server status reveals some requests with SS > 65000 for some 'get myfile.txt http/1.0' for instance.What does it mean ? Unclosed files in scripts or something ? What seems strange to me is get somefile.gif with great SS as well :( Best regards, Fabian
RE: [EMAIL PROTECTED] http processes killing server
Hi, I've got the same kind of problem with apache 2.0.49 : lot of processes remaining in memory. Databases checked and ok ... Is there a way to tell apache to autokill old processes ? Regards, Fabian -Message d'origine- De : Benjamin Adams [mailto:[EMAIL PROTECTED] Envoyé : vendredi 2 décembre 2005 01:02 À : users@httpd.apache.org Objet : [EMAIL PROTECTED] http processes killing server I have a Mac Server running tiger with Dual G5 and 8G Ram running apache 1.3.33, php4, MySQL 4.1 (10G Database) Processes: 129 total, 4 running, 5 stuck, 120 sleeping... 309 threads 18:58:02 Load Avg: 3.84, 4.29, 3.88 CPU usage: 3.3% user, 75.2% sys, 21.5% idle SharedLibs: num = 27, resident = 9.18M code, 696K data, 4.04M LinkEdit MemRegions: num = 24727, resident = 342M + 11.5M private, 65.9M shared PhysMem: 380M wired, 386M active, 3.89G inactive, 4.64G used, 3.36G free VM: 8.76G + 18.9M 5911231(0) pageins, 5472(0) pageouts PID COMMAND %CPU TIME #TH #PRTS #MREGS RPRVT RSHRD RSIZE VSIZE 27164 httpd 25.1% 3:04.91 112 180 4.48M 35.7M 13.1M + 128M 27168 httpd 22.5% 3:35.49 112 182 3.36M- 35.7M 14.1M + 128M+ 14112 httpd 21.8% 0:22.96 112 179 3.36M 35.7M 7.94M + 127M 27426 httpd 18.2% 4:06.94 112 180 4.32M 35.7M 13.9M + 128M 27167 httpd 16.9% 3:13.61 112 181 4.31M+ 35.7M 12.9M + 128M+ 11990 httpd 15.8% 0:34.96 112 175 3.54M 35.7M 11.1M + 128M 15345 top 15.4% 0:40.40 13923 1.64M 532K 2.08M 27.0M 15452 httpd 13.3% 0:05.55 112 179 3.19M+ 35.7M 6.37M- 127M 0 kernel_tas 2.0% 15:48:40 44 2 8725 74.9M 0K 300M 1.72G 15834 xftpd0.1% 0:00.11 11821 264K 652K 888K 27.0M 15715 httpd0.1% 0:04.78 112 174 2.84M 35.7M 7.85M 127M 18420 SecurityAg 0.1% 5:43.07 172 105 1.70M 10.4M 8.07M 151M 27163 httpd0.1% 5:12.64 112 175 4.64M 35.7M 14.3M + 128M http processes hit 50+ the server dies, how can I stop this for happening? it runs fine when the processes are 20-40 httpd.conf ExtendedStatus On Timeout 30 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 10 MaxClients 500 MinSpareServers 3 MaxSpareServers 5 StartServers 4 MaxRequestsPerChild 8000 any help would be great!! - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] httpd2-prefork processes running forever ...
Hi, I'm facing a strange problem on a production box I'm running for some months.Suddenly, I've got remaining httpd2-prefork processes remaining in memory for hours (6/7% CPU). On the other hand, I've got lot of 'sleeping forever' mysql query processes.Problem is mysql doesn't say anything about query so I'm unable to find where problem comes from. I've tried lsof -p so I know it's my portal which is troublesome but this one uses lot of external blocks ... Is there a way to know what an httpd2-prefork process is exactly doing ? The only way I found to have my server running again is an apachectl restart :( (apache 2.0.49) Best regards, Fabian