On 11/19/2010 11:09 PM, Mohit Anchlia wrote:
> I am trying to look at how handlers work so I created a very simple
> perl handler that just return "OK". And I added an entry "PerlModule"
> and the "PerlHandler". I also was able to build mod_perl2.so. When I
> do a GET request with handler ON I see
I am trying to look at how handlers work so I created a very simple
perl handler that just return "OK". And I added an entry "PerlModule"
and the "PerlHandler". I also was able to build mod_perl2.so. When I
do a GET request with handler ON I see that Handler gets called but
then the call is not goi
- "Ray Van Dolson" wrote:
> I just updated a Verisign certificate for one of our sites, and
> noticed
> Firefox was complaining that it wasn't valid. This usually happens
> when Verisign's released a new intermediate certificate, and I
> typically just install the new one and point to it us
On Fri, Nov 19, 2010 at 7:00 AM, Tomasz Chmielewski wrote:
> How do you debug websites running on Apache?
>
I have a few tricks I use.
First, I try to write my applications so they can be run from the
commandline. That means when they misbehave, I can run them directly under
strace or a debugg
- Original Message -
From: Ray Van Dolson
Date: Thu, 18 Nov 2010 09:07:09 -0800
Subject: [us...@httpd] Proper way to reference intermediate
certificates in Apache 2.2.x
To: users@httpd.apache.org
I just updated a Verisign certificate for one of our sites, and noticed
Firefox was com
> Thanks Andrew, I did see this as an example on a web post. ...the argument
> was made that it's a PIA when you don't match class C subnets and have to use
> RegEx :-)
Yes, I agree, it is a PIA. You should see the access control file on our
production host... we have about 3000 SetEnvIf stat
On Fri, Nov 19, 2010 at 2:40 PM, Patricia A Moss wrote:
>
> Another question; regarding the "Require valid-user" entry.
>
> Does this require that you make it through the Authentication Phase first,
> before it Authorizes you?
Yes, you still have to pass authentication.
Another question; regarding the "Require valid-user" entry.
Does this require that you make it through the Authentication Phase first,
before it Authorizes you?
PATI MOSS
System Engineer Sr. Professional
CSC
From:
Patricia A Moss/USA/c...@csc
To:
users@httpd.apache.org
Cc:
users@httpd.apache
Thanks Andrew, I did see this as an example on a web post. ...the argument
was made that it's a PIA when you don't match class C subnets and have to use
RegEx :-)
...I don't have class C inside, I boiled it down to Class C for the post
example.
Thanks!
-Original Message-
From: Andre
> I've been able to secure each proxy with this model:
> http://*/App1/*>
> Order Deny,Allow
> #Permit IT
> Allow from 10.1.0.0/24
> #Permit Team1
> Allow from 10.1.1.0/24
> Deny from all
>
>
> Is there a way we can define access once for the IT Subnet (10.1.0.0/24) once
>Does it happen without the mod_auth_alias?
It works fine with one, but not the other. I may be on to something.
Thank you Eric! :-)
PATI MOSS
System Engineer Sr. Professional
CSC
From:
Eric Covener
To:
users@httpd.apache.org
Date:
11/19/2010 11:00 AM
Subject:
Re: [us...@httpd] Group auth
Hello All
We use Apache MOD_PROXY as a reverse proxy for internal applications. Each
WebApp has its own top level URI
We're looking to restrict by IP, but have all apps available to our IT Team's IP
IT Team:10.1.0.0/24
App1/Team 1:
Proxy URI: /App1/*
IP Subnet: 10.1.1.0/24
>Does it happen without the mod_auth_alias?
I don't think I have tested that. Will do so now.
>I thought you were describing an error without "require valid-user"?
I just pasted the config from my original post. When I tested without the
"Require valid-user", the line was commented out.
PATI
On Fri, Nov 19, 2010 at 10:57 AM, Patricia A Moss wrote:
>
> >With what configuration exactly?
> My location block is configured as below:
>
> dav svn
> SVNPath /disk01/home/test_repo
> AuthType Basic
> AuthName "Subversion Repository"
> AuthBasicProvider ldap-FCGNET ldap-VIET
> AuthzLDAPAuthorit
>With what configuration exactly?
My location block is configured as below:
dav svn
SVNPath /disk01/home/test_repo
AuthType Basic
AuthName "Subversion Repository"
AuthBasicProvider ldap-FCGNET ldap-VIET
AuthzLDAPAuthoritative on
Require valid-user
Require ldap-group CN=Active_Directory Group
Name
On Fri, Nov 19, 2010 at 10:16 AM, Patricia A Moss wrote:
>
> >requirements are OR'ed in 2.2.x. Remove valid-user.
>
> That was one of the tests that I attempted and posted:
> 2. If I remove "Require valid-user" then I receive an error when attempting
> access the repository and the error.log is
>requirements are OR'ed in 2.2.x. Remove valid-user.
That was one of the tests that I attempted and posted:
2. If I remove "Require valid-user" then I receive an error when
attempting access the repository and the error.log is as follows:
[Mon Nov 15 14:38:15 2010] [debug] mod_authnz_ldap.c(377)
> I have require ldap-filters configured in my location block, but it is not
> filtering. It is still letting any valid userid through.
> My location block is configured as below:
> Require valid-user
> Require ldap-group CN=Active_Directory Group
> Name,OU=U.S.,OU=Groups,DC=domain,DC=com
requi
>There's require ldap-filter!
>You should definitely take a look at those.
>http://httpd.apache.org/docs/current/mod/mod_authnz_ldap.html#reqfilter
>That should help you ask for pretty much *anything*
I have require ldap-filters configured in my location block, but it is not
filtering. It is sti
On 19.11.2010 14:39, Igor Galić wrote:
What are other debugging methods which can be used on a busy
webserver?
Ideally, I'd like to see all connections, database queries, files
opened
for read/write by Apache processes, with timestamps, as I connect from
a
given IP address (so all other noise is
> >
> > My goal(s):
> > 1. Allow only 1 specific, Active Directory, group access to the
> > repository.
>
> That should work out fine.
>
> > 2. Simultaneously, allow a single user account, that is not a
> member
> > of the group, access to the repository
>
> Given that the condition is ``Simul
- "anton" wrote:
> Hi,
>
> I would like to see the whole configuration
> settings which the apache process itself "sees".
mod_info
http://httpd.apache.org/docs/current/mod/mod_info.html
> I have a bunch of big config files which are read by apache,
> and would like to know what he has "re
- "Tomasz Chmielewski" wrote:
> How do you debug websites running on Apache?
>
> Say, you have a website which is dog slow on the powerful server.
If your website is static, and is dog slow although running on
a powerful server, you're doing it wrong.
Check http://wiki.apache.org/httpd/Pe
How do you debug websites running on Apache?
Say, you have a website which is dog slow on the powerful server.
My favourite way (after checking the obvious errors from the logs) was
to simply run Apache through strace, which would print where httpd
processes connect to (and possibly hang, whi
24 matches
Mail list logo
