There are at least 2 places where the idea can be improved to be even
better:
1) for browsers that do not support cookie, embed the ticket/credential in
the URL so the system works for all browsers
2) the part for ticket verification can be written in C so in case of
dual-server setup (light
check here http://modperl.home.att.net
Peter
- Original Message -
From: Christian Gilmore [EMAIL PROTECTED]
To: 'Michael Schout' [EMAIL PROTECTED]
Cc: 'Modperl Mailing List (E-mail)' [EMAIL PROTECTED]
Sent: Tuesday, October 22, 2002 12:13 PM
Subject: RE: AuthCookie questions
Hi,
We talked about this limiation of the dual setup before. There is no
solution publically available. But you can try this:
1) check http://modperl.home.att.net or similar cookie-based ticketing
system.
2) write a ticket-client module in C and load it into the proxy server (I
have one based on
Please take a serious look. There were several related reports in the
mailing list during the months: Apache::Request might not handle
double-bytes or utf8 correctly. Or it may be due to the C library.
Peter
- Original Message -
From: Joe Schaefer [EMAIL PROTECTED]
To: [EMAIL
The linked page is great, especially the first picture.
Problem in authentication: if mod_perl returns cached header and the
document is proxy cached in the plain Apache, the backend authentication
handler (in the mod_perl server) will not be able to protect it.
Peter Bi
- Original
assigns it at the first place.
Peter Bi
- Original Message -
From: Michael Robinton [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 28, 2002 1:05 PM
Subject: odd authetication situation
I have a modperl handler that sets a cookie and does a redirect if the
cookie
How about application software ? The lists are either programming tools or
language iteself.
I mean something like ... online accounting software ... just for example.
Peter Bi
- Original Message -
From: Per Einar Ellefsen [EMAIL PROTECTED]
To: zt.zamosc.tpsa.pl [EMAIL PROTECTED]
Cc
one gets
often the same pop-up login page instead of the redirected page. You may try
to remove any caching tags and add nocache in the code.
Peter
- Original Message -
From: Kaye-Smith Adam [EMAIL PROTECTED]
To: Gerald Richter [EMAIL PROTECTED]; Peter Bi [EMAIL PROTECTED];
[EMAIL
by providing a
valid username/password pair in a NT domain, then one does not have to
follow that definition and the current Smb implementation is one of the
possible solutions.
Peter
- Original Message -
From: Gerald Richter [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]; Kaye-Smith Adam
am not sure if NTLM is even better but for most applications, it is
pretty secure.
Peter
- Original Message -
From: Gerald Richter [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]; Kaye-Smith Adam
[EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, August 13, 2002 12:29 PM
Subject: Re
Authentication ?
Peter
- Original Message -
From: [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, August 13, 2002 2:36 PM
Subject: Re: NTLM module
Am I totally wrong, or the plain and painful answer is
that NTLM is only supported on Win32 boxes? I think
I
You may check Apache::Access module at http://modperl.home.att.net in which
I tried to provide a general solution to several popular authentication
issuers such as SMB, LDAP, IMAP, NIS, FTP, LWP and DBI etc.
Cheers.
Peter Bi
- Original Message -
From: Gerald Richter [EMAIL PROTECTED
It is the browser that controls the URL in the Address bar. So one has to
make another call to get the URL refreshed. If you are worry about the
speed, you may
1) return an error code in case of error
2) in Apache's httpd.conf, config that specific error to display
/step/1/error
A simply
and
each module has only 100 - 300 lines. Well, we use HTML::Template that helps
to separate the HTML codes from the modules. Having HTML in perl programs
makes a big difference.
Peter Bi
- Original Message -
From: Owen Scott Medd [EMAIL PROTECTED]
To: Peter Haworth [EMAIL PROTECTED]
Cc: Jean
ID
or a secure ticket. It is the encryption that does.
Peter Bi
- Original Message -
From: Jean-Michel Hiver [EMAIL PROTECTED]
To: Randal L. Schwartz [EMAIL PROTECTED]
Cc: Jean-Michel Hiver [EMAIL PROTECTED]; Andrew Moore
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, June 30, 2002 10
from the ticket, see e.g. my Apache::CookieAccess source at
modperl.home.att.net. BTW, for me, Basic Authnetication is not that ugly, it
is surpringly stable (than most of other Apache ideas) since day one.
Peter Bi
- Original Message -
From: Jean-Michel Hiver [EMAIL PROTECTED]
To: Peter
.
Forgive me if this is off-topic: it is more likely a mod_proxy question. I
searched, but could not find related information pages to read.
Thanks.
Peter Bi
- Original Message -
From: Randal L. Schwartz [EMAIL PROTECTED]
To: Perrin Harkins [EMAIL PROTECTED]
Cc: md [EMAIL PROTECTED]; Stas
- Original Message -
From: Randal L. Schwartz [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]
Cc: Perrin Harkins [EMAIL PROTECTED]; md [EMAIL PROTECTED];
Stas Bekman [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, June 25, 2002 10:18 AM
Subject: Re: when to mod_perl?
Peter
The link asks to change POST to GET. However, there is a limit on the length
of the URL so the POST data may be truncated and the redirect action may not
work properly.
Also, make sure to escapeURL() in the URL (which will also add extra chars
in the URL).
Peter Bi
- Original Message
wait a second ...
don't forget using proxy: it saves you a lot of dynamical calls, especially
if you have also a database.
Peter Bi
- Original Message -
From: md [EMAIL PROTECTED]
To: Stas Bekman [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, June 24, 2002 9:36 PM
Subject: Re
Hi, any comments on Java Servlet, .NET, mod_Perl and others such as
ColdFusion ? I personally was asked for such question a few days ago. The
other side needs a service like UPS.com. What do people on this mailing list
think about ?
Peter Bi
- Original Message -
From: Perrin Harkins
To Ward's first post: I think one may even doesn't need server cookie. Using
a client-site cookie fits exactly the need.
Peter
- Original Message -
From: Rob Nagler [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, June 13, 2002 7:49 PM
Subject: Re: mod_perl/passing session
connections. So proxy is the key to serve them
efficiently.
Peter Bi
- Original Message -
From: Eric Frazier [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 7:43 PM
Subject: Building high load mod_perl/Mason servers
Hi,
I just got the chance to be in charge
runs only at the first time of login and the follow-up access
can goes without re-FTP and so is pretty fast. Check this :
http://modperl.home.att.net
Peter Bi
- Original Message -
From: Geoffrey Young [EMAIL PROTECTED]
To: Todd Chapman [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday
I dont even
know if you can do it any other way with out touching the passwd/shadow
files?
Do you run this for internet or your intranet accounts ? If for internet,
try something different (e.g. Courier/IMAP.)
If for intranet, and if you have to stay with Pop3, there is no way but to
touch
Hi,
I shall fit 99% to Frank's job :-), but I have to move to Toronto soon.
Looking for a mod_Perl or Perl related job in GTA (Toronto and Southern
Ontario, Canada). Off-site contractor job is okay too. ASAP.
Please check my resume at http://modperl.home.att.net .
Thanks.
Peter Bi
p.s. I
Does the first email mean to use the incrementing numbers as seeds and then
generate cool random numbers from the partly ordered seeds, which will
make them more difficult to guess ?
Peter Bi
- Original Message -
From: James G Smith [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL
://mod_perl.home.att.net.
BTW, I tried to register the module in CPAN, but was kind of lost in the
middle.
Peter Bi
- Original Message -
From: Jim Helm [EMAIL PROTECTED]
To: 'Fran Fabrizio' [EMAIL PROTECTED]; 'F.Xavier Noria'
[EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, May 03, 2002 10:08 PM
Since the excellent HTML::Template, the codes becomes more re-usable...
Peter
- Original Message -
From: Ken Y. Clark [EMAIL PROTECTED]
To: Adi Fairbank [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, April 24, 2002 1:23 PM
Subject: Re: full-featured online database apps
Well, I changed it back to HTML::Template . It takes relatively less time
to work it out with graphic designers.
Peter
- Original Message -
From: Wim Kerkhoff [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; Ken Y. Clark [EMAIL PROTECTED]
Sent: Wednesday, April
.
Peter
- Original Message -
From: Perrin Harkins [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]
Cc: Wim Kerkhoff [EMAIL PROTECTED]; [EMAIL PROTECTED]; Ken Y.
Clark [EMAIL PROTECTED]
Sent: Wednesday, April 24, 2002 2:08 PM
Subject: Re: full-featured online database apps
Peter Bi wrote
or
bandwidth throttles. In the later cases, one has to call DB/file/memory for
history.
Peter Bi
- Original Message -
From: kyle dawkins [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, April 19, 2002 8:02 AM
Subject: Re: Throttling, once again
Guys
We also have a problem with evil clients
How about adding a MD5 watermark for the cookie ? Well, it is becoming
complicated
Peter Bi
- Original Message -
From: kyle dawkins [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Friday, April 19, 2002 8:29 AM
Subject: Re: Throttling, once again
Peter
What will happen if the client's DNS caches the domain name to an IP, which
is then dead ? If I understand it corrently, the current system can work
only if there is something like NAT in front of the machines, which
dynaimcally forward each request. Won't it ?
Peter Bi
- Original
Is mod_perl supposed to be the final choice of the name ? Someones
suggested before to use a different name like Tomcat for Java. What is the
latest conclusion ?
Peter Bi
- Original Message -
From: Stas Bekman [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 16, 2002 11:54
before.
Peter Bi
- Original Message -
From: Fran Fabrizio [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, April 17, 2002 3:01 PM
Subject: framesets/AuthCookie question
I'm using AuthCookie and as some of you know, if it determines your
session to be invalid it redirects
- Original Message -
From: Fran Fabrizio [EMAIL PROTECTED]
To: Peter Bi [EMAIL PROTECTED]
Cc: Jeff [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, April 16, 2002 6:33 AM
Subject: Re: Enforcing user logged in from only 1 browser?
Peter Bi wrote:
If you touch SessionDBI for every request
requests within a limited time
period. There is no need to verify against the remote URL every time. This
should boost the speed very much.
Peter Bi
[EMAIL PROTECTED]
Feb. 15, 2002
To make a perfect system like this probably needs users to sign-off
faithfully by every session.
Peter Bi
- Original Message -
From: Fran Fabrizio [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, April 12, 2002 1:22 PM
Subject: Enforcing user logged in from only 1 browser
='$request_uri'
For better control, you may need to double check the URL each time in
AccessCookie.pm
Peter Bi
[EMAIL PROTECTED]
- Original Message -
From: Darren Ward [EMAIL PROTECTED]
To: Apache-Perl (E-mail) [EMAIL PROTECTED]
Sent: Monday, April 08, 2002 4:49 PM
Subject: Newbie Alert: Q
40 matches
Mail list logo