I am new to Apache and Mod_Perl and I have a
question.
I am running Red Hat 6.0 on an Intel
machine.
I loaded the Server setup.
Apache 1.3.6 is loaded and runs fine. I was able to
load and run Mod_Perl RMS package from Red Hat as DSO.
I want to upgrade to Apache 1.3.14 and latest
version
On Mon, 16 Oct 2000, David E. Wheeler wrote:
Matt Sergeant wrote:
On Mon, 16 Oct 2000, David E. Wheeler wrote:
I'm confused. Why are you using gmtime then?
Because if no time is supplied, I want it to default to GMT. I'm setting
up an app in which the database will store date/time
Annette wrote:
I am new to Apache and Mod_Perl and I have a question. I am running
Red Hat 6.0 on an Intel machine.I loaded the Server setup.Apache 1.3.6
is loaded and runs fine. I was able to load and run Mod_Perl RMS
package from Red Hat as DSO. I want to upgrade to Apache 1.3.14 and
At 23:59 16/10/2000 -0700, Annette wrote:
How do I install the latest version of Mod_Perl? Every time I try to install
it I receive a message stating I need Apache 1.3.0 and then it aborts.
I tried Mod_Perl version 1.19, 1.21, and 1.24 and I receive the same error.
You need 1.24_01 to work
http://www.performancecomputing.com/books/book_preview2_pf.htm
Hi all
Is it possible to authenticate a user without
having to use the unfriendly login box provided by browsers, without using
cookies?
I have managed to authenticate a user once through
some text fields on a HTML page but unfortunately this does not make the browser
remember the user's
Hi
- Original Message -
From: "Ian Frawley" [EMAIL PROTECTED]
Is it possible to authenticate a user without having to use the
unfriendly login box provided by browsers, without using cookies?
2 words: digital certificates
This probably means a lot of infrastructure [LDAP, CA, smart
Here's what I would do:
Remove the rpm version of apache:
# rpm -e packagename
If you want to use the start up files that are part of that
package just copy them some where since they'll be removed.
Build the source version following the directions in the mod_perl
document called
Is it not just possible through a perl module as I am not very clued up on
digital certificates.
Thanks
Ian
- Original Message -
From: "John Saylor" [EMAIL PROTECTED]
To: "Ian Frawley" [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, October 17, 2000 8:24 AM
Subject: Re: Remembering
Hi
- Original Message -
From: "Ian Frawley" [EMAIL PROTECTED]
Is it not just possible through a perl module as I am not very clued
up on
digital certificates.
Well, you have to have some credentials- and if it's not a cookie [bad
idea anyway], and if it's not a username/password-
There's no way to use basic authentication (the stuff inside HTTP) from web
pages... you can't tell a browser "use this form to ask your user for
passwords". If you want to manage authentication in web pages, you have to
build the whole authentication/session management system yourself. Since
Security is very important as the user will be buying something and I have
to distinguish if the user is a casual browser[rules out smart cards] or a
regular shopper. Casual browsers need to be told how wonderful our content
is and asked 1)do they want to sign up or 2) Do they want to make an
What if the user added his username and password to the URL? If they are
valid the application could add those parameters to all links/form
actions, but the plaintext password would be replaced with some parameter
that would be good for the next access and expire after a specified period
of
On Tue, 17 Oct 2000, Shimon Rura wrote:
|There's no way to use basic authentication (the stuff inside HTTP) from web
|pages... you can't tell a browser "use this form to ask your user for
|passwords".
#untested code
use URI::Escape;
use CGI;
$q=new CGI;
On Tue, 17 Oct 2000, Nicolas MONNET wrote:
|On Tue, 17 Oct 2000, Shimon Rura wrote:
|
||There's no way to use basic authentication (the stuff inside HTTP) from web
||pages... you can't tell a browser "use this form to ask your user for
||passwords".
|
|#untested code
|use URI::Escape;
|use CGI;
I should probably place a plug and say that the open source extropia
authentication framework for Perl handles digital certificates, session's
with and without cookies, the unfriendly login screen, form-based logon
screens in it's default capacity.
As a company working on real projects, we've
From: "Nicolas MONNET" [EMAIL PROTECTED]
print $q-redirect("http://$l:$p\@$ENV{HTTP_HOST}/path");
Ack! Can anybody find a bigger security hole than this?
Rodney Broom
On Tue, 17 Oct 2000, Rodney Broom wrote:
|From: "Nicolas MONNET" [EMAIL PROTECTED]
|
| print $q-redirect("http://$l:$p\@$ENV{HTTP_HOST}/path");
Like what?
The problem for me with cookies is the fact that we
are going to be serving WAP phones that don't like cookies for obvious
reasons.
The only thing I can think of is using server side
cookies thatare destroyed at the end of the user session.Perhaps
relating the server side cookie to a
Why not just write the app to use session and store to the db. It is not
hard to do. Auth to db/ldap cook up a digest with $$, username, and
remote_ip. Store all userinfo in Storable object in the db/ldap.
GET http://some.where.net/?sessionID=md5 digest
POST input type=hidden
hi,
is anyone using rotatelogs ?
I have a bunch of virtualdomains, each with its own, separate log. Then
I'm running three different apache binaries (that resulting in a whole
lot of daemons). Now I'm trying to use rotatelogs, and I find the pipes
are kept open, so I have a
martin langhoff [EMAIL PROTECTED] writes:
They don't seem to hurt the load averages nor the memory, but I wonder
if there might be any problem running so many of them, like, erm,
hitting a max-processes count?
Yes.
There are plenty of counter examples floating around. Mostly involving
Matt Sergeant wrote:
You should still switch to Time::Object. Loading POSIX.pm still loads in
the .so which contains loads of cruft for things you don't
want/need. Whereas loading Time::Object is a lot smaller. Of course I'm
not sure how you'd fix the isdst thing with Time::Object, since it
AuthCookie won't help you here, it still sends a cookie back to the client.
Whatever you do, you will need to modify the response to the client to contain a
session id somewhere where you can get it back.
From what you've said, you will need to modify the url in some way. It
doesn't
I'm thinking of adding a "locked out" functionality to
AuthCookie/AuthCookieDBI and was wondering if anyone has already attempted
or started this. It should function much like NT domain authentication.
Thanks,
Charles Day
IT
Symix Systems, Inc.
On Tue, 17 Oct 2000, David E. Wheeler wrote:
Matt Sergeant wrote:
You should still switch to Time::Object. Loading POSIX.pm still loads in
the .so which contains loads of cruft for things you don't
want/need. Whereas loading Time::Object is a lot smaller. Of course I'm
not sure how
While the behaviour seems correct from the browser, I am getting errors in
the error_log that may be indicative of some kind of problem:
Here is the relevant snippet of my httpd.conf:
PRE
# Added for Oracle to work. Dan H. 5-oct-2000
#
SetEnv
On 17 Oct 2000 Robin Berjon [EMAIL PROTECTED] wrote:
At 23:59 16/10/2000 -0700, Annette wrote:
How do I install the latest version of Mod_Perl? Every time I try to
install it I receive a message stating I need Apache 1.3.0 and then
it aborts. I tried Mod_Perl version 1.19, 1.21, and 1.24
Matt Sergeant wrote:
Its doable - I could add in the code for ht_time almost verbatim, although
I *am* using Perl's gmtime.
Could you not use the same gmtime that ht_time uses?
D
--
David E. Wheeler
Software Engineer
Salon Internet ICQ: 15726394
Hi there,
quick question regarding script concurrency with mod_perl.
If Ihave the same script name in different directories, will mod_perl
treat them differently and can they be used concurrently?
i.e. I have a production version and a development version of help.pm
which gets called by help.pl
If the script is a module then no.
If the script is a script being loaded by something else like
Apache::Registry, there is code in Apache::Registry to mangle the namespace
of the script so it appears to be different from a script of the same name
running at a different URL.
However, there
At 06:58 PM 10/17/00 +0100, [EMAIL PROTECTED] wrote:
AuthCookie won't help you here, it still sends a cookie back to the client.
Whatever you do, you will need to modify the response to the client to
contain a session id somewhere where you can get it back.
From what you've said, you will
I know this isnt the right place to ask this question but if someone could
at least fill me in and point me in the right direction I'd be gratefull.
I'm trying to find a way to do XML over HTTP. I have a project at work
that I'm doing where we have a XML based system. The system would connect
to
I think I might have been a slight bit confusing in the email. I need to
have apache be able to *recieve* the POST and GET requests. I know how to
send the XML to another server, I just need to know how to get *my*
server to handle the requests/data from other clients..
Geoff
This one time, at
Hi,
Win32 issues might be slightly OT here, but I really would like to find
my way around/a solution concerning the AS 5.6.0 618 / 1.24_01
combo crashing Apache during a service shutdown/stop.
This was discussed at ng comp.lang.www-servers.ms-windows
( Subject: mod_perl and ActiveState perl
Hi,
Win32 issues might be slightly OT here, but I really would like to find
my way around/a solution concerning the AS 5.6.0 618 / 1.24_01
combo crashing Apache during a service shutdown/stop.
This was discussed at ng comp.lang.www-servers.ms-windows
( Subject: mod_perl and ActiveState perl
Dear ALL
I've writen a module that does transparent session management via either
Cookies, Munged URI or Query Args.
It has quite a few options to change the behavour, and appears stable in
my developement environment.
What I suggest is that unless there is a major objection I call it
Geoffrey Gallaway wrote:
I think I might have been a slight bit confusing in the email. I need to
have apache be able to *recieve* the POST and GET requests. I know how to
send the XML to another server, I just need to know how to get *my*
server to handle the requests/data from other
I like the name as it works well with our naming (SessionManager, Session
hierarchy) so I can probably write a wrapper that assumes your
SessionManager is embedded in Apache and it's not confusing for our users
who want to configure our apps to use your session manager.
Thanks,
Gunther
Ian,
Using cookies is just one way of overcoming the stateless nature of http.
The other ways that I know of are to modify the url in some way or to put
a hidden field in a form.
The latter only works if you're processing forms of course so for general
viewing,
40 matches
Mail list logo
