Re: [EMAIL PROTECTED] Multiple certs & virtual hosts
--- Mark Drummond <[EMAIL PROTECTED]> wrote: > Thanks Serge. I actually saw this and it had me > confused because the name > based virtual host is working fine (in the sense > that I am getting the right > content back from each virtual host) but the second > host was using the first > host's cert. I'll switch to IP based virtuals. > Thanks! > > Mark Mark, This is one that seems to catch people quite often. I'm thinking it might be a good idea to add to the comments for virtual host configuration in the default httpd.conf the explicit statement that name based virtual hosting does not work with the https protocol, for secure sites you need to use ip based virtual hosting. It would save a lot of people hours of frustration. ( maybe this message will spark the idea in the developers to change the default httpd.conf to include this information ) Jaqui Get news delivered with the All new Yahoo! Mail. Enjoy RSS feeds right on your Mail page. Start today at http://mrd.mail.yahoo.com/try_beta?.intl=ca - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] simple redirect
On Wed, 2007-05-09 at 18:44 -0700, Dave Henderson wrote: > I looked in the logs for any indication as to why it would be failing, > but the last write to the access and error logs were several hours > ago. Not sure why it isn't updating. Here is the complete vhost > config (post change): > > [snip] Dave - I tried all three links, and they all appear to redirect properly for me! So, the good news is that your configuration is working, at least from the outside. Why it's not showing up for you? Unknown. Couple guesses would be to make sure that you've flushed your browser cache, verify that the server you're hitting from your test system is the same one that you're modifying the configuration on, and verify that you're not using a proxy server of some sort. (Not trying to be patronizing - I've been kicked in the stones by all three when I've been focusing on one part of a problem, and not the whole.) Good luck sir! R. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
I have set up current Apache 2.2 version for Debian Etch (package installation) and implemented authentication with the following lines in the sites-avaliable/default files: AllowOverride AuthConfig AuthType Basic AuthName "***" AuthUserFile / Require valid-user allow from all Autentication seems to be working fine for Internet Explorer clients, and Firefox under Linux. The problem is with Firefox under windows (I have only tried Windows xp). After the usual authentication window, a second Windows xp window appears (see bottom of the mail), requiring the user and password again. If data is correct, then everything works fine, but I guess this is not a desirable situation. Entering the data twice can be easily avoided by checking the "Remember password" option, but still this is not an elegant solution. Any idea of what can be wrong with Firefox under Windows? Thanks, Guillermo
[EMAIL PROTECTED] Memory consumption by process increases in Apache
Hi, How is the memory handled in Apache.I see the daemon process launched by Apache, as it runs for a long time both its SZ and RSS increases over the period of time.Is there any memory issues in Apache?What should I do to take care of it?I have kept the MaxRequestPerChild as 0.Looking forward for response. Thanks -A
[EMAIL PROTECTED] Apache / Tomcat questions
Hi Firstly, apologies if this is a no-brainer - I am newbie to Apache config. I have a perplexing problem: Our webapp uses Tomcat, and we have recently started to front it with Apache. The app runs on fedora core 6 and uses the mod_jk 1.2.21 connector and https. We have a problem with POST's on one of our JSP's - this particular JSP form is huge - it has over 100 fields. T The problem is that the receiving HttpServletRequest object does not have some of the request parameters when the request is made via http. If the request is made via https it works fine. The params are simply not there at all. Sometimes the parameter values are non-printable characters, but not always. It doesn't seem to be consistent. I am pretty sure that Tomcat itself is not an issue, 'cos standalone TC works fine. My feeling is its something to do with either the Apache https / http setup or the mod_jk connector. Questions: Has anyone experienced this before? Is it possibly to get Apache and mod_jk to log the POST header data so I can see where its going wrong. If, so how do I do that? TIA -Adam - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Info required on Apache HTTP server for Unix
Hi all, Can anyone help me for the following queries 1) is there a binary available for Apache 2.2 HTTP server for Unix or Unix-like system. I am trying to use it directly for my MacOS directly without requiring to build 2) I am able to successfully build Apache 2.2 for my Mac OS from source. Its mentioned that we require a C compiler for this. Is it possible we can 'configure' without a ANSI-C compiler installed on my Mac OS An early reply is aprreciated... Thanks Raju
[EMAIL PROTECTED] RES: Re: Apache 2.2.24, mysql auth and vhosts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This has been resolved. A bug (a few actually) found in mod_dbd and patches commited to apache devel. Quey, I see you have possible the same issue as I had, contact me off-list and I'll send you the patches that should fix the brokeness. On Mon, 7 May 2007, Res wrote: Does anyone actually have 2.2.4 with mod_dbd and mysql authing working? I logged a bug as my testing shows it does not do what the docs state, and it was closed with the simple statement of " it works for me " which might be great for him but not so for us :) If you do, am I leaving something out? Surely I dont have to go back to apache 1.3 just to have working database authentication. in global I have : DBDriver mysql DBDParams "host=hidden dbname=hidden user=hidden pass=hidden" DBDPersist off (The docs state these can all even be used in vhost block, but apache fails to restart saying they are NOT allowed there so I left them in global where it appears happier) in a virtualhost block I have: AuthName "Members" AuthType Basic AuthBasicProvider dbd AuthDBDUserPWQuery "SELECT user_passwd FROM user_info WHERE user_name = %s" Require valid-user ~# /usr/local/apache/bin/httpd -l | grep dbd mod_authn_dbd.c mod_dbd.c Am using apr_dbd_mysql.c in /usr/local/src/httpd-2.2.4/srclib/apr-util/dbd did a buildconf and ./configure --with-apr=../apr etc... ~#ldd /usr/local/apache/bin/httpd | grep libmysqlclient_r libmysqlclient_r.so.15 => /usr/lib/mysql/libmysqlclient_r.so.15 (0x40038000) Now mysql reports it connects and logins in to the database but does not do a query, it disconnects right away, the apache logs report "No DBD Authn configured!" and the user gets a 500 int server error.. Anyone have any pointers? TIA Res - -- Cheers Res Vote for your favourite MTA at http://polls.ausics.net/v3.php -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGQv/IsWhAmSIQh7MRAkycAKCOae2MV6NdglD+s4Vo31UB3TNHEACdHUFB iZVo3HMy98lqiZ55DWRUEQI= =d9zR -END PGP SIGNATURE- - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] How is PHP script executed in apache
Hi, I have compiled PHP as module in apache. Recently I have noticed a strange problem when apache executes the PHP script. My assumption till date: 1. If there are number of request destined to the same/different PHP page then apache will spwan child process to handle the load. 2. If two requests are sent simultaneously on same page then apache module will process those two requests parallely with two different child threads. Am I right on my assumptions? 1. In my test I have x.php which talks to a backend modules 2. I send some request to x.php which inturn lands on the backend module(1) through sockets. 3. Mean while when backend module(1) is busy in processing, another request arrives on the x.php. 4. This request is destined to backend module (2) My observation here is the response from the backend module( 2) is blocked till the response from backend module( 1) is completed. whereas as per my assumption apache shoud have processed these two requests in two different threads/child process without blocking. Is this expected behaviour? what should I do to get parallelism. I would like to know more about how the php scripts are processed in apache, can some one guid me to a useful link. -- Thanks, Chidanand Gangur Pune.
Re: [EMAIL PROTECTED] simple redirect
The Gaijin <[EMAIL PROTECTED]> wrote: On Wed, 2007-05-09 at 18:44 -0700, Dave Henderson wrote: > I looked in the logs for any indication as to why it would be failing, > but the last write to the access and error logs were several hours > ago. Not sure why it isn't updating. Here is the complete vhost > config (post change): > > [snip] Dave - I tried all three links, and they all appear to redirect properly for me! So, the good news is that your configuration is working, at least from the outside. Why it's not showing up for you? Unknown. Couple guesses would be to make sure that you've flushed your browser cache, verify that the server you're hitting from your test system is the same one that you're modifying the configuration on, and verify that you're not using a proxy server of some sort. (Not trying to be patronizing - I've been kicked in the stones by all three when I've been focusing on one part of a problem, and not the whole.) Good luck sir! R. - The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] That is odd. I tried again this morning and everything seems to be running just fine. The only thing I can think of is that I was hitting the server that the new configuration wasn't on (since you mentioned it above). I have now made the changes to both servers, so hopefully all will be working now. Thanks for your help. Dave
Re: [EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
On 5/10/07, Guillermo Pallarés <[EMAIL PROTECTED]> wrote: I have set up current Apache 2.2 version for Debian Etch (package installation) and implemented authentication with the following lines in the sites-avaliable/default files: AllowOverride AuthConfig AllowOverride only affects .htaccess files. It isn't needed here. Autentication seems to be working fine for Internet Explorer clients, and Firefox under Linux. The problem is with Firefox under windows (I have only tried Windows xp). After the usual authentication window, a second Windows xp window appears (see bottom of the mail), requiring the user and password again. If data is correct, then everything works fine, but I guess this is not a desirable situation. Sounds like this: http://httpd.apache.org/docs/1.3/misc/FAQ.html#prompted-twice Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] How is PHP script executed in apache
On 5/10/07, Chidanand Gangur <[EMAIL PROTECTED]> wrote: My observation here is the response from the backend module( 2) is blocked till the response from backend module( 1) is completed. whereas as per my assumption apache shoud have processed these two requests in two different threads/child process without blocking. Is this expected behaviour? what should I do to get parallelism. I would like to know more about how the php scripts are processed in apache, can some one guid me to a useful link. Apache does indeed process all requests in parallel. What you are seeing is almost certainly the result of exclusive locking performed by your php script or a library/module used by your php script. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
Thank you Joshua for the AllowOverride tip. I didn't know that. I have tried the solution you posted, but it doesn't seem to solve the problem; I guess that is not exactly the same problem because in my case autenticathion does work fine always but with the combination Windows and Firefox. Any other hint? Joshua Slive escribió: On 5/10/07, Guillermo Pallarés <[EMAIL PROTECTED]> wrote: I have set up current Apache 2.2 version for Debian Etch (package installation) and implemented authentication with the following lines in the sites-avaliable/default files: AllowOverride AuthConfig AllowOverride only affects .htaccess files. It isn't needed here. Autentication seems to be working fine for Internet Explorer clients, and Firefox under Linux. The problem is with Firefox under windows (I have only tried Windows xp). After the usual authentication window, a second Windows xp window appears (see bottom of the mail), requiring the user and password again. If data is correct, then everything works fine, but I guess this is not a desirable situation. Sounds like this: http://httpd.apache.org/docs/1.3/misc/FAQ.html#prompted-twice Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Guillermo Pallarés Sistemas Avanzados de Control (SAC) 91 636 35 40 - ext 213 - The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
On 5/10/07, Guillermo Pallarés <[EMAIL PROTECTED]> wrote: Thank you Joshua for the AllowOverride tip. I didn't know that. I have tried the solution you posted, but it doesn't seem to solve the problem; I guess that is not exactly the same problem because in my case autenticathion does work fine always but with the combination Windows and Firefox. Did you actually try following the advice in the FAQ? Can you provide a public URL with username/password so we can try it? Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Apache and X-Cart
Hi, I was wondering if anyone else has seen CPU usage skyrocket after upgrading to X-Cart 4.x.x ? I have optimized my Apache conf file about as much as I can, but still the CPU usage trippled after upgrading. -Grant
Re: [EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
Yes Joshua I did add a UseCanonicalName off line in my apache2.conf file and made sure that the server name is the same as the one in the url (it is an internal network, so the IP address is being used). Regarding the use of the trailing slash, I guess that is the problem I am having right not, but I can't know how. I can't give you a public URL because I don't have access to the router, but I can give you the piece of html which is generating the error (if I comment the call to this file, then the second autenticathion request doesn't appear). Please see the attached file clock.html (I didn't find any trailing slash problem there) Thanks Joshua Slive escribió: On 5/10/07, Guillermo Pallarés <[EMAIL PROTECTED]> wrote: Thank you Joshua for the AllowOverride tip. I didn't know that. I have tried the solution you posted, but it doesn't seem to solve the problem; I guess that is not exactly the same problem because in my case autenticathion does work fine always but with the combination Windows and Firefox. Did you actually try following the advice in the FAQ? Can you provide a public URL with username/password so we can try it? Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Guillermo Pallarés Sistemas Avanzados de Control (SAC) 91 636 35 40 - ext 213 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Configuring an overall template for free hosting
OS Redhat Apache 2.0.40 We currently offer free websites to our users. We have over 200 of these customer generated sites out there. www.domainname.com/people/whateveruser I have been tasked with implementing a small ad at the top of each of these free pages. What is the best way to go about doing this? Thank You -TJ - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
On 5/10/07, Guillermo Pallarés <[EMAIL PROTECTED]> wrote: Yes Joshua I did add a UseCanonicalName off line in my apache2.conf file and made sure that the server name is the same as the one in the url (it is an internal network, so the IP address is being used). Regarding the use of the trailing slash, I guess that is the problem I am having right not, but I can't know how. I can't give you a public URL because I don't have access to the router, but I can give you the piece of html which is generating the error (if I comment the call to this file, then the second autenticathion request doesn't appear). Please see the attached file clock.html (I didn't find any trailing slash problem there) What kind of "call to this file" do you use? You should trace all the requests your browser is making as part of whatever document is being requested. In one of these requests, the hostname is probably changing, resulting in the new auth. (Alternatively, perhaps there is simply a browser bug causing it to forget credentials.) But there is really no way for us to know what is going on from this side of the firewall. (By the way, you have set Thunderbird to use the font size for your emails. This is rather annoying, even for someone with decent vision.) Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
What kind of "call to this file" do you use? The call is If this line is removed, then the second autenticathion doesn't appear. You should trace all the requests your browser is making as part of whatever document is being requested. In one of these requests, the hostname is probably changing, resulting in the new auth. (Alternatively, perhaps there is simply a browser bug causing it to forget credentials.) But there is really no way for us to know what is going on from this side of the firewall. I have tried to perform a trace by using Ethereal. Please find the complete .cat file attached, from the first log in until the second autenticathion is requested. I guess the most important part is the end, because at some point the browser stops sending the aut info at the end of the frame. I don't know if it is casual but that point is when a .JAR file request is sent. Do please me know if there is any extra information I can give you. Thanks, Guillermo wrong_aut.cap Description: Binary data - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Basic Authentication: Firefox requires twice while Explorer only once
On 5/10/07, Guillermo Pallarés <[EMAIL PROTECTED]> wrote: What kind of "call to this file" do you use? The call is If this line is removed, then the second autenticathion doesn't appear. You should trace all the requests your browser is making as part of whatever document is being requested. In one of these requests, the hostname is probably changing, resulting in the new auth. (Alternatively, perhaps there is simply a browser bug causing it to forget credentials.) But there is really no way for us to know what is going on from this side of the firewall. I have tried to perform a trace by using Ethereal. Please find the complete .cat file attached, from the first log in until the second autenticathion is requested. I guess the most important part is the end, because at some point the browser stops sending the aut info at the end of the frame. I don't know if it is casual but that point is when a .JAR file request is sent. Yes, the key is here: GET /lib/sv600.jar HTTP/1.1 [...] User-Agent: Mozilla/4.0 (Windows XP 5.1) Java/1.6.0_01 [...] So firefox isn't making this request, it is java doing it directly. And java doesn't have the required credentials resulting in a new password prompt. I know nothing about embedding java applets. You're probably better off looking for a forum with some expertise in that subject. Here you'll find mostly apache experts, and this problem has nothing to do with apache. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Info required on Apache HTTP server for Unix
Raju Chandran wrote: > Hi all, > > Can anyone help me for the following queries > > 1) is there a binary available for Apache 2.2 HTTP server for Unix or > Unix-like system. I am trying to use it directly for my MacOS directly > without requiring to build They wouldn't help you. Binaries are specific to the platform, the OS, it's version and the cpu. You wouldn't want a Unix, Linux or otherwise non-bsd flavor. It will quite probably be part of Leopard if I'm remembering right - something to be excited about! > 2) I am able to successfully build Apache 2.2 for my Mac OS from source. > Its mentioned that we require a C compiler for this. Is it possible we > can 'configure' without a ANSI-C compiler installed on my Mac OS Configuring is nothing but tweaking your finished config files, you can do that in vi, or using your own sed or awk scripts, or write a config program in carbon. All you are changing is the .conf files to your liking. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Apache / Tomcat questions
Adam, Have you tried setting JKLogLevel to Debug in the httpd.conf for the apache webserver? What version of Tomcat and What version of Apache? Thanks, William C. Mount RHCE J2EE Web Solutions CoEx Global IT Solutions Caterpillar Inc. 812 W. Washington St. East Peoria IL, 61630 (309) 675-3031 - Desk (309) 264-8297 - Cell [EMAIL PROTECTED] "I love the way Microsoft follows standards. In much the same manner that fish follow migrating caribou." -- Paul Tomblin Adam Lipscombe <[EMAIL PROTECTED]> 05/10/2007 03:58 AM Please respond to users@httpd.apache.org To users@httpd.apache.org cc Subject [EMAIL PROTECTED] Apache / Tomcat questions Caterpillar: Confidential Green Retain Until: 06/09/2007Retention Category: G90 - General Matters/Administration Hi Firstly, apologies if this is a no-brainer - I am newbie to Apache config. I have a perplexing problem: Our webapp uses Tomcat, and we have recently started to front it with Apache. The app runs on fedora core 6 and uses the mod_jk 1.2.21 connector and https. We have a problem with POST's on one of our JSP's - this particular JSP form is huge - it has over 100 fields. T The problem is that the receiving HttpServletRequest object does not have some of the request parameters when the request is made via http. If the request is made via https it works fine. The params are simply not there at all. Sometimes the parameter values are non-printable characters, but not always. It doesn't seem to be consistent. I am pretty sure that Tomcat itself is not an issue, 'cos standalone TC works fine. My feeling is its something to do with either the Apache https / http setup or the mod_jk connector. Questions: Has anyone experienced this before? Is it possibly to get Apache and mod_jk to log the POST header data so I can see where its going wrong. If, so how do I do that? TIA -Adam - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] utf8 charset question
On Wed, May 09, 2007 at 03:35:46PM -0400, Joshua Slive wrote: > In my opinion, that is a bug. Apache should be passing the charset > specified by your CGI script in the Content-Type line But nothing in the docs says that .cgi scripts are treated differently from any other file. I'm much more concerned that the .htaccess is apparently being ignored, but only for .cgi scripts. -- greg - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] utf8 charset question
On 5/10/07, Greg Lindahl <[EMAIL PROTECTED]> wrote: On Wed, May 09, 2007 at 03:35:46PM -0400, Joshua Slive wrote: > In my opinion, that is a bug. Apache should be passing the charset > specified by your CGI script in the Content-Type line But nothing in the docs says that .cgi scripts are treated differently from any other file. I'm much more concerned that the .htaccess is apparently being ignored, but only for .cgi scripts. CGI scripts get special meta-data treatment because they are capable of (and responsible for) setting their own meta-data. For example, the AddType directive has no effect on CGI scripts either, by design. In general, I wouldn't expect any of the mod_mime stuff to have any effect on CGI scripts (except for some special cases). The same applies to any dynamic content like php scripts or java servlet output -- mod_mime is ignored because they are responsible for their own meta-data. In particular, according the CGI specification, CGI scripts must set their own Content-Type header. The charset is part of the Content-Type header, and therefore should be set by the CGI script and passed through by apache to the client. The fact that this is not happening is a bug (and a pretty serious one if it is happening generally and not just in some special cases that we are testing). Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] rewriting problem in reverse proxy scenario
Hi list, to the point: reverse proxy http to https for Lotus Quickplace: ProxyRequests Off ProxyPreserveHost Off SSLEngine On SSLCertificateFile /etc/apache2/ssl/sequick.pippo.it.crt SSLCertificateKeyFile /etc/apache2/ssl/sequick.pippo.key ProxyPass /QuickPlace http://sequick.pippo.it/QuickPlace ProxyPass /icons http://sequick.pippo.it/icons ProxyPass /qphtml http://sequick.pippo.it/qphtml ProxyPass /bacheca http://sequick.pippo.it/bacheca ProxyPass / http://sequick.pippo.it/QuickPlace/ ProxyPassReverse / http://sequick.pippo.it RewriteEngine On RedirectMatch 301 ^/$ /QuickPlace/quickplace/Main.nsf?OpenDatabase\&Login RewriteRule ^/QuickPlace/([^/]+)/? /QuickPlace/$1/Main.nsf SSLRequireSSL Allow from all Explanations: Static Reverse for /QuickPlace /icons /qphtml /bacheca Dynamic Reverse for / so every links like this http://sequick.pippo.it/testis proxied to https://sequick.pippo.it/QuickPlace/test. need to add /Main.nsf too after https://sequick.pippo.it/QuickPlace/test and this is the only thing that I was not able to make working. RewriteRule doesn't seem to work... Any suggestions? Thanks
[EMAIL PROTECTED] Rewrite "Location:" header.
Hi, I wanted to modify the "Location:" header in 30X http responses using apache 2, but failed to find a good solution. In mod_headers I can unset the header and set a new one, but I can't use a regular expression to modify his original value. thanks for any idea.
Re: [EMAIL PROTECTED] Rewrite "Location:" header.
On 5/10/07, moh bad <[EMAIL PROTECTED]> wrote: Hi, I wanted to modify the "Location:" header in 30X http responses using apache 2, but failed to find a good solution. In mod_headers I can unset the header and set a new one, but I can't use a regular expression to modify his original value. Your question is rather vague since it is hard to tell where the Location header is coming from and at what stage you want it rewritten. Why don't you tell us what you are trying to accomplish? Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] utf8 charset question
On Thu, May 10, 2007 at 05:55:35PM -0400, Joshua Slive wrote: > CGI scripts get special meta-data treatment because they are capable > of (and responsible for) setting their own meta-data. Ah. Then part of the bug is that the documentation for mod_mime doesn't seem to say this anywhere. And the CGI perl doc managed to confuse me with the -encoding argument to start_html(), without saying "Hey, dummy, you have to set the charset in the header() to get a Content-Type line..." And that was my bug: I was calling start_html() with an -encoding but I was not adding -charset to header(). Thus, I was not emitting a Content-Type header at all. So my personal problem is solved. And apache 2.0.58 is properly sending this Content-Type in the headers. -- greg - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Rewrite "Location:" header.
On Fri, 11 May 2007 01:10:12 +0200 "moh bad" <[EMAIL PROTECTED]> wrote: > Hi, > > I wanted to modify the "Location:" header in 30X http responses using > apache 2, > but failed to find a good solution. > > In mod_headers I can unset the header and set a new one, but I can't > use a regular expression to modify his original value. Yes you can. Header edit. Provided you have an up-to-date version. But the usual reason for rewriting a Location is in a reverse proxy situation, where there are better solutions. As Joshua said, you need to tell us what you're really doing. -- Nick Kew Application Development with Apache - the Apache Modules Book http://www.apachetutor.org/ - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] 2.2.4 Require file-group seems to forget user authentication
Hello List: My goal is to base web access control on the underlying Unix file system group access. I'm using: - AuthzUnixgroup (Third-party module which effectively replaces AuthGroupFile with /etc/group. http://www.unixpapa.com/mod_authz_unixgroup/) - Apache's "Require file-group" mechanism (mod_authz_owner) We experience two prohibitively annoying side-effects of this, and I need help with #2: 1) Every request for a missing file results in a request for reauthentication. To solve this, I've added rewrite rules which check for file existence. If a requested file doesn't exist, it rewrites the request to an informative php script. This works well. 2) A request for an existing file to which the authenticated user is not authorized results in the desired request for reauthentication and access denial. However, when the user then returns to a file to which s/he is authorized, s/he is again forced to reauth. It's as if the user's login is forgotten after every step out-of-bounds. Is this the expected behavior for "Require file-group"? If so, can anyone recommend a friendlier work-around? -- We're at: Solaris8, apache-2.2.4, SSL is enabled. # AllowOverride None order deny,allow deny from all allow from .example.com Options SymLinksIfOwnerMatch IncludesNOEXEC Indexes DirectoryIndex /DirectoryIndexer.php AuthName "TJB_TEST Access Controls Test" AuthType Basic AuthBasicProvider file AuthUserFile /web/conf/Password.cfg AuthzOwnerAuthoritative on AuthzUnixgroup on Require file-group Satisfy all # Thanks! --Tom - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Could not start the server, Apache 2.0.59 mod_ssl2.0.59 OpenSSL0.9.8d
Hi All,
I have generated a private key and got a certificate from versign (trail
version). And when I try to start the server with SSL it stops at Loading
certificate & private key of SSL-aware server.
The error log is here:
[Fri May 11 10:39:53 2007] [info] Init: Initializing OpenSSL library
[Fri May 11 10:39:53 2007] [info] Init: Seeding PRNG with 136 bytes of
entropy
[Fri May 11 10:39:54 2007] [info] Loading certificate & private key of
SSL-aware server
[Fri May 11 10:39:54 2007] [debug] ssl_engine_pphrase.c(469): unencrypted
RSA private key - pass phrase not required
[Fri May 11 10:39:54 2007] [info] Init: Generating temporary RSA private
keys (512/1024 bits)
[Fri May 11 10:39:54 2007] [info] Init: Generating temporary DH parameters
(512/1024 bits)
[Fri May 11 10:39:54 2007] [info] Init: Initializing (virtual) servers for
SSL
[Fri May 11 10:39:54 2007] [info] Configuring server for SSL protocol
[Fri May 11 10:39:54 2007] [debug] ssl_engine_init.c(405): Creating new SSL
context (protocols: SSLv2, SSLv3, TLSv1)
[Fri May 11 10:39:54 2007] [debug] ssl_engine_init.c(530): Configuring
client authentication
[Fri May 11 10:39:54 2007] [debug] ssl_engine_init.c(1095): CA certificate:
/C=US/O=VeriSign, Inc./OU=For Test Purposes Only. No
assurances./CN=VeriSign Trial Secure Server Test Root CA
[Fri May 11 10:39:54 2007] [debug] ssl_engine_init.c(588): Configuring
permitted SSL ciphers
[ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[Fri May 11 10:39:54 2007] [debug] ssl_engine_init.c(672): Configuring
server certificate chain (1 CA certificate)
[Fri May 11 10:39:54 2007] [debug] ssl_engine_init.c(716): Configuring RSA
server certificate
[Fri May 11 10:39:54 2007] [debug] ssl_engine_init.c(755): Configuring RSA
server private key
[Fri May 11 10:39:54 2007] [info] Server: Apache/2.0.59, Interface:
mod_ssl/2.0.59, Library: OpenSSL/0.9.8d
[Fri May 11 10:39:54 2007] [info] Init: Initializing OpenSSL library
[Fri May 11 10:39:54 2007] [info] Init: Seeding PRNG with 136 bytes of
entropy
[Fri May 11 10:39:54 2007] [info] Loading certificate & private key of
SSL-aware server
Then the server stops here.
And my ssl configuration:
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl.crl
SSLPassPhraseDialog builtin
SSLMutex default
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLSessionCache none
SSLEngine On
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/blue.crt
SSLCertificateKeyFile conf/mylocal2.key
SSLCertificateChainFile conf/intermediate.crt
SSLCACertificateFile conf/ca.crt
CustomLog C:/Apache2/logs/ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
If I commented out the SSLEngine On, then it could start as normal. Does
anybody have some ideas or experiences with this problem?
--
View this message in context:
http://www.nabble.com/Could-not-start-the-server%2C-Apache-2.0.59-mod_ssl2.0.59-OpenSSL0.9.8d-tf3725097.html#a10424786
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Memory usage in Apache
Hi, How is the memory handled in Apache.I see the daemon process launched by Apache, as it runs for a long time both its SZ and RSS increases over the period of time.Is there any memory issues in Apache?What should I do to take care of it?I have kept the MaxRequestPerChild as 0.Looking forward for response. Thanks -A
[EMAIL PROTECTED] apache proxy domain
Hi, I want to load external pages in my web application and make them appear as they are from local domain. I need to do this to be able to access the html content of the frame. I then configure apache server to act as reverse proxy : So when I ask for /external, apache load the page on http://www.externaldomain.com/external The loading part works fine, however, the domain of the frame is still undefined for my application. I need apache to return the page with the localhost domain. I tried to add ProxyDomain as localhost in my httpd.conf, but I couldn't even restart apache, I had an error. What should I do to make apache return the web content with the localhost domain ? Thanks, Mélanie - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
