RE: [EMAIL PROTECTED] Protecting CGI script from download?
> -Original Message- > From: Vincent Bray [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 11, 2007 6:48 AM > To: users@httpd.apache.org > Subject: Re: [EMAIL PROTECTED] Protecting CGI script from download? > > ... > > ScriptAlias /cgi-bin/ "/Library/WebServer/CGI-Executables/" > > > AllowOverride None > Options None > Order allow,deny > Allow from all > > > Change the Options line from None to ExecCGI to enable CGIs in that > directory and restart apache. This advice is inaccurate. You do not need "ExecCGI" in the context of a ScriptAlias directory - this is a common misconception. Use ScriptAlias when you want a directory to be used *exclusively* for CGI and never need to serve plain files from that dir. Use Options ExecCGI when you want to switch on CGI for certain files in a directory but might want to maintain serving plain files as well. See http://httpd.apache.org/docs/2.2/howto/cgi.html#configuring for precise details. > > > I want any user to be able to EXECUTE the script through a > web interface. > > > > But, I want to make sure that nobody can DOWNLOAD the > script to their > > computer ( I don't want anyone else to be able to use the > script on their > > own computer). That's taken care of by the ScriptAlias directive - this ensures that files in the directory can only be executed and can never be downloaded. Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > > > I have set the file permissions for the script to 111. > Will this do the > > job?? > > No, you can't use filesystem permissions for this, Apache needs to be > able to read the script to execute it. Change the owner of the script > to somebody other than the apache user and give apache r-x (5) > permissions on it. > > > > > Is there anything else I need to think about in order to > protect the script? > > Thanks in advance. > > Larry > > If the script contains sensitive information like database passwords, > consider splitting it in to multiple parts, with only a dispatcher in > the cgi-bin directory that calls off to the main script outside of > apache's document space. That way, in the unlikely event of a server > misconfiguration leading to the script being available as text, you > haven't given too much away. > > -- > noodl > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Permissions problem
> -Original Message- > From: Chris Arnold [mailto:[EMAIL PROTECTED] > Sent: Tuesday, July 10, 2007 8:17 PM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Permissions problem > > I think i am having a permissions problem on apache2.2.3. Anytime i > create a folder in htdocs, i get a > Access forbidden! > > You don't have permission to access the requested directory. There is > either no index document or the directory is read-protected. > > If you think this is a server error, please contact the webmaster. > Error 403 This is the browser error message. What is in the apache error_log? That will tell you precisely what is wrong rather than the browser and everyone else having to guess. Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > The file permissions are the same for the files/folders that are > working: root/root 755 > A link to the problem is http://www.mytimewithgod.net/lightwindow > A working link is http://www.mytimewithgod.net. > I feel like a complete id10t but can someone shed some light on this? > > Chris > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Analog logfile analyzer - problem
Hi! I'm using Analog (logfile analyzer - http://www.analog.cx/) on a Netware-Novell with Apache 2 WEB server.. Checking the "Listing queries" report I found the following lines: Listing queries, sorted by the number of requests. reqs search term 2 yaffa tel aviv 1 *³-%9c*³-%95*³-%92*³-%99*³-*²�§*³-%94 *³-*²�**³-*²�**³-*²�©*³-%99*³-%9d *³-%96*³-*²�**³-%99*³-%9e*³-%94 1 fishes from maagan michael farm 1 ein hemed 1 biriya 1 tel aviv 1 *³-%9e*³-*²�¢*³-*²�**³-%9b*³-%95*³-*²�* *³-%9e*³-%99*³-%93*³-*²�¢ *³-*²�**³-*²�**³-*²�©*³-%99*³-%9e*³-%99*³-%9d 1 *³-*²�**³-*²�©*³-*²�* *³- *³-%95*³-%91*³-%9c I guess that the "garbage" (not english\latin characters) is a result of queries with Hebrew characters\words. I asked Analog people for help but they answered that this is not their problem. I checked same info in the "error_log.1183522025" file and I found those strange lines like: [Thu Jul 05 17:22:40 2007] [error] [client 202.76.214.205] File does not exist: Applic:/HTDocs/k_comm/Israel/English/Maps/Cities/Ashdod/images, referer: http://honyaku.yahoofs.jp/url_result?ctw_=sT,eCR-EJ,bT,hT,uaHR0cDovL3d3dy5rYWxtYW5vdml0ei5jby5pbC9rX2NvbW0vSXNyYWVsL0VuZ2xpc2gvTWFwcy9DaXRpZXMvQXNoZG9kL0FzaGRvZF9lbi5odG0=,qlang=ja|for=0|sp=-5|fs=100%|fb=0|fi=0|fc=FF|db=T|eid=CR-EJ, OR Sat Jul 07 13:52:51 2007] [error] [client 192.168.254.16] File does not exist: Applic:/HTDocs/Internet_Sites/\xd7\x90\xd7\xa9\xd7\xaa \xd7\xa2\xd7\xa1\xd7\xa7\xd7\x99\xd7\xaa, \xd7\xa1\xd7\x95\xd7\x9b\xd7\xa0\xd7\xaa \xd7\x9e\xd7\x9b\xd7\x99\xd7\xa8\xd7\x95\xd7\xaa, \xd7\xa9\xd7\x99\xd7\xa8\xd7\x95\xd7\xaa \xd7\x9c\xd7\xa6\xd7\x99\xd7\x91\xd7\x95\xd7\xa8, referer: http://www.kalmanovitz.co.il/Internet_Sites/English/Internet_Intro_en.htm Looks like Analog does not parse those lines correctly. Have you any idea how can I set the system to show\parse the data correctly? Alternatively can anyone propose other Analog logfile analyzer for my system? TIA Nanu
Re: [EMAIL PROTECTED] Analog logfile analyzer - problem
Nanu Kalmanovitz wrote: > > Looks like Analog does not parse those lines correctly. > > Have you any idea how can I set the system to show\parse the data correctly? > > Alternatively can anyone propose other Analog logfile analyzer for my > system? The trouble is that everything from \x80 - \xff is undefined. Yes - it might mean UTF-8, it might also be an alternate ISO-8859 or other character set. There's no context for the log file analizer to present it. The best might be to *view* the analysis results in utf-8, but there's no way to cooerce the other requests into what the user intended. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] method to remove individual file from cache using mod_cache/mod_disk_cache Apache 2.2.4
Hi, Many thanks for the response, The bug I was referring to is 32950 detailed in the following URL. http://issues.apache.org/bugzilla/show_bug.cgi?id=32950 I've never used the trunk you mentioned, is there an information page on how to use it? Many thanks again, Mark. On 09/07/07, Vincent Bray <[EMAIL PROTECTED]> wrote: On 09/07/07, Mark Stevens <[EMAIL PROTECTED]> wrote: > I have a basic reverse proxy setup using mod_cache, mod_disk_cache and > mod_proxy, we are having issues with some of the PDF's getting > corrupted in the cache, the problem is intermittent but is happening > randomly, we are able to re-produce by requesting the same file but > appending ?1, ?2 etc until eventually a HTTP 416 is returned resulting > in an incomplete copy of the file getting stored in cache. > > After some investigation it would seem this problem is related to a > known bug in mod_cache that has not been resolved. > > Is it possible to remove the corrupted cached entry without having to > remove the entire cache directory and stop/start Apache? I don't believe that's possible. There's "htcacheclean" in recent versions which removes the need to restart the server, but it doesn't allow for removing specific URLs. Could you perhaps try a later version of apache such as the head of the 2.2 branch or maybe trunk, just to see if the issue's been fixed? -- noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Apache + Subversion use too much memory
Hi folks, I've been watching a strange behaviour of my subversion server. Sometimes the apache processes use almost all virtual memory. I think, that the problem is caused by some ldap or subversion module's issue, because I see a lot of open connections to our ldap server (Active Directory), which the users authenticate themselfs against. Has anybody from you have a problem like this and solved it ? Any help would be very appreciated. My configuration is as following: Hardware: DELL PE 2950 Intel(R) Xeon(R) CPU 5130 @ 2.00GHz 1 Gbyte RAM + 2 Gbyte Swap Software: SuSE Linux 10.2 (i386) prefork Apache/2.0.59 (Unix) DAV/2 mod_ssl/2.0.59 OpenSSL/0.9.8d SVN/1.4.3 mod_bw/0.8 OpenLDAP Libs 2.3.27 top shows the following: PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 12002 wwwrun21 0 782m 334m 3020 S0 33.0 4:37.08 httpd 12221 wwwrun23 0 655m 327m 2972 S0 32.4 6:38.63 httpd 30282 wwwrun15 0 450m 4808 2944 S0 0.5 2:28.12 httpd 11013 wwwrun16 0 391m 9808 3028 S0 0.9 2:26.50 httpd 21926 root 17 0 105m 736 520 S0 0.1 0:03.27 nscd 15917 wwwrun25 0 102m 78m 2972 S0 7.8 0:21.79 httpd 10920 wwwrun15 0 47172 4908 2976 S0 0.5 1:27.72 httpd 12157 wwwrun15 0 41468 4744 2908 S0 0.5 0:15.23 httpd 15789 wwwrun15 0 36032 22m 2996 S0 2.2 0:06.06 httpd netstat -tpn shows this: Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp1 0 192.168.1.2:39784 192.168.1.99:389 CLOSE_WAIT 30282/httpd tcp1 0 192.168.1.2:39783 192.168.1.99:389 CLOSE_WAIT 12221/httpd tcp1 0 192.168.1.2:39782 192.168.1.99:389 CLOSE_WAIT 30282/httpd tcp1 0 192.168.1.2:40600 192.168.1.99:389 CLOSE_WAIT 15917/httpd tcp1 0 192.168.1.2:40598 192.168.1.99:389 CLOSE_WAIT 30282/httpd tcp1 0 192.168.1.2:47659 192.168.1.99:389 CLOSE_WAIT 12002/httpd tcp1 0 192.168.1.2:47657 192.168.1.99:389 CLOSE_WAIT 15917/httpd tcp1 0 192.168.1.2:41262 192.168.1.99:389 CLOSE_WAIT 12002/httpd tcp0 0 192.168.1.2:41221 192.168.1.99:389 ESTABLISHED 12002/httpd tcp0 0 192.168.1.2:41220 192.168.1.99:389 ESTABLISHED 11013/httpd tcp0 0 192.168.1.2:41222 192.168.1.99:389 ESTABLISHED 12157/httpd tcp0 0 192.168.1.2:41224 192.168.1.99:389 ESTABLISHED 11013/httpd tcp1 0 192.168.1.2:44541 192.168.1.99:389 CLOSE_WAIT 11013/httpd tcp1 0 192.168.1.2:44542 192.168.1.99:389 CLOSE_WAIT 10920/httpd tcp1 0 192.168.1.2:44060 192.168.1.99:389 CLOSE_WAIT 12157/httpd tcp1 0 192.168.1.2:44648 192.168.1.99:389 CLOSE_WAIT 12157/httpd tcp1 0 192.168.1.2:57201 192.168.1.99:389 CLOSE_WAIT 15789/httpd tcp1 0 192.168.1.2:58676 192.168.1.99:389 CLOSE_WAIT 10920/httpd tcp1 0 192.168.1.2:59512 192.168.1.99:389 CLOSE_WAIT 15789/httpd tcp1 0 192.168.1.2:59514 192.168.1.99:389 CLOSE_WAIT 12221/httpd tcp1 0 192.168.1.2:59515 192.168.1.99:389 CLOSE_WAIT 10920/httpd tcp0 8303 192.168.1.2:443 192.168.2.11:1620 ESTABLISHED 15917/httpd In the apache logfiles I cannot see any suspicious lines but some authentication errors (wrong username or password). thank you very much ! Kind Regards, Hermann Maurer - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] RE : [EMAIL PROTECTED] Find why httpd eats all swap
Laurent FAILLIE wrote: Do avoid resources problem, I reduced both MaxClients and MaxRequestsPerChild in order to force more frequent child recycling (0 means unlimited). I did this and it still happened, but it ddn't seem as bad. What I really want to know is which vhost is causing it. The only thing I know for sure is it isn't java because it still did it when java was disabled. How about another approach. Sometimes the leaks happen so quick I can see the "free -m" swap value go down each time I hit it at the command line. When thats happening I'm sure one of the vhosts is under load, but its not possible for me to find which one without rewriting the access log defs for 120+ vhosts. Nor disturbing them actually as the owners use them for charging 3rd parties. Is there a way I can intercept/monitor the apache traffic at a high level, just to show me whats being asked for? Something like tail -f access.log but for everything going through httpd? Can I start httpd differently to achieve this? Thanks My production system is an old sparc station w/ 128 or 256 Mb of RAM depending on my cluster status. Bye Laurent The misspelling master is on the Web. _100 % Dictionnary Free ! //( / Dico / / Pleins d'autres fautes sur // / (###( / http://destroyedlolo.homeunix.org Quoi, des fautes d'orthographe! Pas possible ;-D. _ Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- John -- http://www.phonewebcam.com [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] method to remove individual file from cache using mod_cache/mod_disk_cache Apache 2.2.4
On 11/07/07, Mark Stevens <[EMAIL PROTECTED]> wrote: Hi, Many thanks for the response, The bug I was referring to is 32950 detailed in the following URL. http://issues.apache.org/bugzilla/show_bug.cgi?id=32950 There's a request for clarifications at the end of that bug. I'm sure it'd be a big help if you could answer them. I've never used the trunk you mentioned, is there an information page on how to use it? Not that I can find. It's a simple process though, assuming you're familliar with subversion. $ svn co http://svn.apache.org/repos/asf/httpd/httpd/trunk httpd-trunk $ cd httpd-trunk $ ./buildconf .. then ./configure as you would normally. -- noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Apache + Subversion use too much memory
On 11/07/07, Maurer, Hermann <[EMAIL PROTECTED]> wrote: Hi folks, I've been watching a strange behaviour of my subversion server. Sometimes the apache processes use almost all virtual memory. I think, that the problem is caused by some ldap or subversion module's issue, because I see a lot of open connections to our ldap server (Active Directory), which the users authenticate themselfs against. Has anybody from you have a problem like this and solved it ? Any help would be very appreciated. [snip] You have some massive httpd processes! Try enabling /server-status with the mod_status module and see what URLs those processes are serving. There's likely an example of how to configure that module in your config file(s) already. -- noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] method to remove individual file from cache using mod_cache/mod_disk_cache Apache 2.2.4
Thanks Vincent, I took a look at the Change log under the trunk link you provided, and didn't see any specific fix on mod_cache for storing corrupted files however I did notice a mod_disk_cache fix that prevents it from storing responses from aborted requests.. mod_disk_cache: Do not store aborted content. PR 21492. I'm wondering if this same fix could apply to the problem we are seeing, although I suspect this might already be implemented in 2.2.4. There's a request for clarifications at the end of that bug. I'm sure it'd be a big help if you could answer them. Yes I saw request for responses, but was unsure on how to locate where a specific cached item is located on disk, also the problem is pretty hard to replicate, the items seem to just turn up in the cache randomly. I had only seen that reported bug recently, I'll be happy to post my setup if it could provide any help. Can anyone advise how to locate an item that is cached on disk? Also would you not think running the trunk version in live environment slightly risky? Thanks and sorry if this post has dragged on. Mark, On 11/07/07, Vincent Bray <[EMAIL PROTECTED]> wrote: On 11/07/07, Mark Stevens <[EMAIL PROTECTED]> wrote: > Hi, > > Many thanks for the response, > > The bug I was referring to is 32950 detailed in the following URL. > > http://issues.apache.org/bugzilla/show_bug.cgi?id=32950 There's a request for clarifications at the end of that bug. I'm sure it'd be a big help if you could answer them. > I've never used the trunk you mentioned, is there an information page > on how to use it? Not that I can find. It's a simple process though, assuming you're familliar with subversion. $ svn co http://svn.apache.org/repos/asf/httpd/httpd/trunk httpd-trunk $ cd httpd-trunk $ ./buildconf .. then ./configure as you would normally. -- noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Configuring a module twice
Hi, I have a requirement to configure weblogic plugin for Apache, more than once. first, the plugin provided by the Weblogic 8.1 and again the plugin provided by Weblogic 9.1 in the same apache config. The requests coming in need to be handled by these different plugins based on the url, for example 1) "http://myserver.com/91example"; should be handled by the WL9.1 module and sent to a cluster of Weblogic 9.1 servers 2) http://myserver.com/* (except /91example) should be handled by WL9.1 module and sent to a cluster of Weblogic 8.1 servers. Is there a way we can achieve this ? I have tried using directive, but how do we specify that different paths are handled by different modules ? Please help. Thanks -- View this message in context: http://www.nabble.com/Configuring-a-module-twice-tf4061165.html#a11538062 Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] method to remove individual file from cache using mod_cache/mod_disk_cache Apache 2.2.4
On 11/07/07, Mark Stevens <[EMAIL PROTECTED]> wrote:
Thanks Vincent,
I took a look at the Change log under the trunk link you provided, and
didn't see any specific fix on mod_cache for storing corrupted files
however I did notice a mod_disk_cache fix that prevents it from
storing responses from aborted requests..
mod_disk_cache: Do not store aborted content. PR 21492.
I'm wondering if this same fix could apply to the problem we are
seeing, although I suspect this might already be implemented in 2.2.4.
> There's a request for clarifications at the end of that bug. I'm sure
> it'd be a big help if you could answer them.
Yes I saw request for responses, but was unsure on how to locate where
a specific cached item is located on disk, also the problem is pretty
hard to replicate, the items seem to just turn up in the cache
randomly.
Make sure you're logging everything. If possible, you could also leave
tcodump/tcpflow running on that socket, but I imagine that would fill
up your disk pretty quick.
I had only seen that reported bug recently, I'll be happy to post my
setup if it could provide any help.
Can anyone advise how to locate an item that is cached on disk?
I'd make sure LogLevel debug is set, it might give some indication of
which path is being used for the cached response? If not, try running
something like
find /path/to/cache/root -exec file {} \; |grep -i pdf
though I have no idea if mod_disk_cache stores whole responses in such
a way that this would work. If it doesn't, I guess you could try
grepping for a chunk of binary data from the (broken) response.
Yes, it's a pain to track down these kinds of issues, but imagine what
it's like for the developers if they can't replicate the issue.
Also would you not think running the trunk version in live environment
slightly risky?
Yes, of course, especially as 2.3 is very early in its development
still. The point of testing trunk would be to see if there's some
change that should be backported to 2.2 :-)
--
noodl
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Configuring a module twice
On 11/07/07, apacheIndian <[EMAIL PROTECTED]> wrote: Hi, I have a requirement to configure weblogic plugin for Apache, more than once. first, the plugin provided by the Weblogic 8.1 and again the plugin provided by Weblogic 9.1 in the same apache config. The requests coming in need to be handled by these different plugins based on the url, for example 1) "http://myserver.com/91example"; should be handled by the WL9.1 module and sent to a cluster of Weblogic 9.1 servers 2) http://myserver.com/* (except /91example) should be handled by WL9.1 module and sent to a cluster of Weblogic 8.1 servers. Is there a way we can achieve this ? I have tried using directive, but how do we specify that different paths are handled by different modules ? Unless the module developers used a different set of symbol names in both modules, you probably can't. That's just the nature of C libraries. If you really must use both modules, you could do so with an extra apache process running behind a reverse proxy. http://www.apachetutor.org/admin/reverseproxies -- noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] method to remove individual file from cache using mod_cache/mod_disk_cache Apache 2.2.4
Many thanks,
find . -exec file {} \; |grep -i "PDF Document" worked a treat in
finding the PDF's in cache root.
I'll provide an example of Good vs Broken cached header files on
bugzilla hopefully this will assist in resolving the problem, however
I'm getting a fair of heat to resolve the issue so I think I might try
rolling back to Apache 1.3 as this uses mod_proxy to cache not
mod_cache/mod_disk_cache.
Thank you very much for all your help and advice,
Mark.
On 11/07/07, Vincent Bray <[EMAIL PROTECTED]> wrote:
On 11/07/07, Mark Stevens <[EMAIL PROTECTED]> wrote:
> Thanks Vincent,
>
> I took a look at the Change log under the trunk link you provided, and
> didn't see any specific fix on mod_cache for storing corrupted files
> however I did notice a mod_disk_cache fix that prevents it from
> storing responses from aborted requests..
>
> mod_disk_cache: Do not store aborted content. PR 21492.
>
> I'm wondering if this same fix could apply to the problem we are
> seeing, although I suspect this might already be implemented in 2.2.4.
>
>
> > There's a request for clarifications at the end of that bug. I'm sure
> > it'd be a big help if you could answer them.
>
> Yes I saw request for responses, but was unsure on how to locate where
> a specific cached item is located on disk, also the problem is pretty
> hard to replicate, the items seem to just turn up in the cache
> randomly.
Make sure you're logging everything. If possible, you could also leave
tcodump/tcpflow running on that socket, but I imagine that would fill
up your disk pretty quick.
> I had only seen that reported bug recently, I'll be happy to post my
> setup if it could provide any help.
>
> Can anyone advise how to locate an item that is cached on disk?
I'd make sure LogLevel debug is set, it might give some indication of
which path is being used for the cached response? If not, try running
something like
find /path/to/cache/root -exec file {} \; |grep -i pdf
though I have no idea if mod_disk_cache stores whole responses in such
a way that this would work. If it doesn't, I guess you could try
grepping for a chunk of binary data from the (broken) response.
Yes, it's a pain to track down these kinds of issues, but imagine what
it's like for the developers if they can't replicate the issue.
> Also would you not think running the trunk version in live environment
> slightly risky?
Yes, of course, especially as 2.3 is very early in its development
still. The point of testing trunk would be to see if there's some
change that should be backported to 2.2 :-)
--
noodl
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] RE : Re: [EMAIL PROTECTED] RE : [EMAIL PROTECTED] Find why httpd eats all swap
--- John Steel <[EMAIL PROTECTED]> a écrit : > I did this and it still happened, but it ddn't seem > as bad. > What I really want to know is which vhost is causing > it. The only thing [...] If all your vhost are writing the same access.log, what you can do is an while true do sleep 1 free -m >> [path to your logs]/access.log done So you can see which vhost has activities b/w memories increase. Bye Laurent The misspelling master is on the Web. _100 % Dictionnary Free ! //( / Dico / / Pleins d'autres fautes sur // / (###( / http://destroyedlolo.homeunix.org Quoi, des fautes d'orthographe! Pas possible ;-D. _ Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re:[EMAIL PROTECTED] Permissions problem
>This is the browser error message. >What is in the apache error_log? That will tell you precisely what is >wrong rather than the browser and everyone else having to guess. [Tue Jul 10 18:07:45 2007] [error] [client xx.xx.xx.xx] PHP Fatal error: require_once() [function.require]: Failed opening required '../twatch_include/general.php' (include_path='.:/usr/share/php5:/usr/share/php5/PEAR') in /srv/www/htdocs/sitemeter/twatch/install.php on line 17 [Tue Jul 10 18:07:48 2007] [error] [client xx.xx.xx.xx] PHP Warning: require_once(../twatch_include/general.php) [function.require-once]: failed to open stream: Permission denied in /srv/www/htdocs/sitemeter/twatch/install.php on line 17 [Tue Jul 10 18:07:48 2007] [error] [client xx.xx.xx.xx] PHP Fatal error: require_once() [function.require]: Failed opening required '../twatch_include/general.php' (include_path='.:/usr/share/php5:/usr/share/php5/PEAR') in /srv/www/htdocs/sitemeter/twatch/install.php on line 17 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Configuring a module twice
Thanks noodl I Will look into the reverse proxies. noodl wrote: > > On 11/07/07, apacheIndian <[EMAIL PROTECTED]> wrote: >> >> Hi, >> >> I have a requirement to configure weblogic plugin for Apache, more than >> once. >> first, the plugin provided by the Weblogic 8.1 and again the plugin >> provided >> by Weblogic 9.1 in the same apache config. >> The requests coming in need to be handled by these different plugins >> based >> on the url, for example >> >> 1) "http://myserver.com/91example"; should be handled by the WL9.1 module >> and >> sent to a cluster of Weblogic 9.1 servers >> >> 2) http://myserver.com/* (except /91example) should be handled by WL9.1 >> module and sent to a cluster of Weblogic 8.1 servers. >> >> Is there a way we can achieve this ? >> I have tried using directive, but how do we specify that >> different paths are handled by different modules ? > > Unless the module developers used a different set of symbol names in > both modules, you probably can't. That's just the nature of C > libraries. > > If you really must use both modules, you could do so with an extra > apache process running behind a reverse proxy. > > http://www.apachetutor.org/admin/reverseproxies > > -- > noodl > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Configuring-a-module-twice-tf4061165.html#a11539432 Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Rewrite Rule using HTTP Header information
On 7/10/07, Vincent Bray <[EMAIL PROTECTED]> wrote:
On 11/07/07, Paul Kuykendall <[EMAIL PROTECTED]> wrote:
> I am trying to get a rewrite rule working that will take the value
> from an HTTP header and use the value to create a new target
> destination for the HTTP request. An example of what I'm trying to do
> follows:
>
> Original HTTP request being sent to http://myhost.domain/ containing the
header
> MyRoutingID: SOME_VALUE
>
> This needs to be rewritten and sent to http://myhost.domain/SOME_VALUE
>
> This will then be forwarded using a reverse proxy to
> http://apphost.domain/SomeLocation/SomeApplication
I don't understand this part. How can you forward one url to another?
I may have used the wrong terminology.
> I know that this may seem like a really convoluted way of doing
> things, but our clients don't actually know where they are sending
> requests to, other than the server name. The receiving server has to
> pass the request along based on the routing ID; however, the routing
> ID isn't actually part of the final destination URL. The routing ID
> -> destination URL mapping will be generated and included as an
> external config file loaded into the Apache configuration at load.
>
> So far what I have is the following:
>
> LoadModule proxy_module modules/mod_proxy.so
> LoadModule proxy_http_module modules/mod_proxy_http.so
>
> ProxyRequests Off
> ProxyPass /SOME_VALUE http://apphost.domain/SomeLocation/SomeApplication
>
>
> ProxyPassReverse /SomeLocation/SomeApplication
>
>
>
> LoadModule rewrite_module modules/mod_rewrite.so
> RewriteEngine On
> RewriteCond %{HTTP:MyRoutingID} (.*)
> RewriteRule .* - [E=ROUTING_ID:$1]
>
> RewriteRule ^/(.*) http://myhost.domain/%{ROUTING_ID} [P,L]
>
> The proxy config is working fine. The RewriteRule however, does not.
> Thanks for any help on getting the RewriteRule working.
These two parts of your config do different and conflicting things.
Are you expecting the rewrite to the address containing the ROUTING_ID
to be then forwarded by your ProxyPass? If so, why the double
indirection? In any case there's a few errors in the rule, this might
work better.
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteCond %{HTTP:MyRoutingID} (.*)
# Not that captures from conditions are reading using %n rather than $n
RewriteRule ^/(.*) http://myhost.domain/%1 [P,L]
--
noodl
Late yesterday I found a solution to the problem I was having.
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteCond %{HTTP:RequestIDHeader} ^(.*)
RewriteRule ^/$ http://%{HTTP_HOST}/%{HTTP:RequestIDHeader} [P,L]
ProxyRequests Off
ProxyPass /REQUEST_ID_VALUE http://AppServer/AppName/AppServlet
ProxyPassReverse http://AppServer/AppName/AppServlet
Where REQUEST_ID_VALUE is the header value of RequestIDHeader. I know
that it seems like a lot of work, but the application being supported
is based off a legacy system that has no knowledge of exactly where
the message is being sent to. We're using Apache essentially as a
low-cost layer-7 traffic management system, dipping into the message
to pull the routing information from the HTTP message header.
Thanks, though, for the reply!
/Paul
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Re:[EMAIL PROTECTED] Permissions problem
> -Original Message- > From: Chris Arnold [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 11, 2007 2:25 PM > To: users@httpd.apache.org > Cc: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Re:[EMAIL PROTECTED] Permissions problem > > >This is the browser error message. > > >What is in the apache error_log? That will tell you precisely what is > >wrong rather than the browser and everyone else having to guess. > [Tue Jul 10 18:07:45 2007] [error] [client xx.xx.xx.xx] PHP > Fatal error: require_once() [ href='function.require'>function.require]: Failed opening > required '../twatch_include/general.php' > (include_path='.:/usr/share/php5:/usr/share/php5/PEAR') in > /srv/www/htdocs/sitemeter/twatch/install.php on line 17 So clearly a PHP problem... Just to convince yourself, stick in a plain HTML page and see if you can serve it. If so, it's not an apache problem. Try a PHP manual/book/list? Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > [Tue Jul 10 18:07:48 2007] [error] [client xx.xx.xx.xx] PHP > Warning: require_once(../twatch_include/general.php) [ href='function.require-once'>function.require-once]: > failed to open stream: Permission denied in > /srv/www/htdocs/sitemeter/twatch/install.php on line 17 > > [Tue Jul 10 18:07:48 2007] [error] [client xx.xx.xx.xx] PHP > Fatal error: require_once() [ href='function.require'>function.require]: Failed opening > required '../twatch_include/general.php' > (include_path='.:/usr/share/php5:/usr/share/php5/PEAR') in > /srv/www/htdocs/sitemeter/twatch/install.php on line 17 > > > > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] apache hostname resolution (strange problem)
>> -Original Message- >> From: Jeff Fulmer [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, July 10, 2007 2:56 PM >> To: users@httpd.apache.org >> Subject: [EMAIL PROTECTED] apache hostname resolution (strange problem) >> >> I have the oddest situation. I have a test server on the LAN. >> I added a >> host entry for www.myserver.com (actual name changed to protect the >> innocent). I can ping www.myserver.com and my resolved >> address matches the >> host entry. Life is grand, no? >> >> /usr/sbin/ping www.myserver.com >> PING www.myserver.com: 64 byte packets >> 64 bytes from 10.37.74.24: icmp_seq=0. time=0. ms >> >> I have apache configured with a virtual host for >> www.myserver.com. Watch >> what happens when I check my virtual hosts with httpd -S. I >> get the PUBLIC >> internet address for www.myserver.com: > > What exactly is your problem? What address do you expect to get? > > Your posting is confusing because it's not clear whether your munged > domain names are supposed to be internal LAN names or public domain > names... > I expect it to be 10.37.74.24. It can't bind a virtual host to an address that's not on the server. Here's the output of httpd -S lccas243$ bin/httpd -S VirtualHost configuration: 64.157.185.199:80 www.myserver.com (/usr/local/httpd/conf/vhosts/80_myserver.com:5) wildcard NameVirtualHosts and _default_ servers: *:443 is a NameVirtualHost default server www.myserver.com (/usr/local/httpd/conf/vhosts/443_myserver.com:4) port 443 namevhost www.myserver.com (/usr/local/httpd/conf/vhosts/443_myserver.com:4) *:80 is a NameVirtualHost On the server itself, www.myserver.com resolves to 10.37.74.24 which is the address I have in the /etc/hosts file. But apache is resolving it based on it's DNS entry. It does this even when I turn DNS off! Jeff - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] apache hostname resolution (strange problem)
Hi, Sorry if I have the wrong end of the stick, but why don't you just do NameVirtualHost 10.37.74.24:80 in your httpd.conf and then set your virtualhost to that NameVirtualHost. ServerName www.myserver.com Again sorry if I've misunderstood your problem. Regards, Mark. On 11/07/07, Jeff Fulmer <[EMAIL PROTECTED]> wrote: >> -Original Message- >> From: Jeff Fulmer [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, July 10, 2007 2:56 PM >> To: users@httpd.apache.org >> Subject: [EMAIL PROTECTED] apache hostname resolution (strange problem) >> >> I have the oddest situation. I have a test server on the LAN. >> I added a >> host entry for www.myserver.com (actual name changed to protect the >> innocent). I can ping www.myserver.com and my resolved >> address matches the >> host entry. Life is grand, no? >> >> /usr/sbin/ping www.myserver.com >> PING www.myserver.com: 64 byte packets >> 64 bytes from 10.37.74.24: icmp_seq=0. time=0. ms >> >> I have apache configured with a virtual host for >> www.myserver.com. Watch >> what happens when I check my virtual hosts with httpd -S. I >> get the PUBLIC >> internet address for www.myserver.com: > > What exactly is your problem? What address do you expect to get? > > Your posting is confusing because it's not clear whether your munged > domain names are supposed to be internal LAN names or public domain > names... > I expect it to be 10.37.74.24. It can't bind a virtual host to an address that's not on the server. Here's the output of httpd -S lccas243$ bin/httpd -S VirtualHost configuration: 64.157.185.199:80 www.myserver.com (/usr/local/httpd/conf/vhosts/80_myserver.com:5) wildcard NameVirtualHosts and _default_ servers: *:443 is a NameVirtualHost default server www.myserver.com (/usr/local/httpd/conf/vhosts/443_myserver.com:4) port 443 namevhost www.myserver.com (/usr/local/httpd/conf/vhosts/443_myserver.com:4) *:80 is a NameVirtualHost On the server itself, www.myserver.com resolves to 10.37.74.24 which is the address I have in the /etc/hosts file. But apache is resolving it based on it's DNS entry. It does this even when I turn DNS off! Jeff - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Where to add ScriptAlias
What file should I add the ScriptAlias entry to? I have been reading for two days now and found the entry I need but nowhere does it seem to tell in what file the statement should be. Thanks for any help you can offer. Bob R - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Where to add ScriptAlias
> From: Robert A. Rawlinson [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 11, 2007 10:33 AM > > What file should I add the ScriptAlias entry to? I have been Which file? If you're not doing secure, httpd.conf, of course. If you are... well, I only know what our in-house standard is, which is that httpd.conf includes ../conf.d/*.conf, and you can put in, for example, ssl.conf. mark - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Where to add ScriptAlias
On 11/07/07, Robert A. Rawlinson <[EMAIL PROTECTED]> wrote: What file should I add the ScriptAlias entry to? I have been reading for two days now and found the entry I need but nowhere does it seem to tell in what file the statement should be. Which file to use is largely a matter of how your OS/Distro mangles apache. Apache doesn't generally care, it's all one big config file as far as it's concerned, though context is vital (e.g. VirtualHost, Directory etc). See: http://wiki.apache.org/httpd/DistrosDefaultLayout -- noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Configuring a module twice
Why not just use the weblogic9.1 plugin to handle delegation to both the 8.1 and 9.1 servers, it is backwards compatible. you can then configure the module and use different Location blocks with different URI's mapping to different clusters. Steve -Original Message- From: apacheIndian [mailto:[EMAIL PROTECTED] Sent: 11 July 2007 12:18 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] Configuring a module twice Hi, I have a requirement to configure weblogic plugin for Apache, more than once. first, the plugin provided by the Weblogic 8.1 and again the plugin provided by Weblogic 9.1 in the same apache config. The requests coming in need to be handled by these different plugins based on the url, for example 1) "http://myserver.com/91example"; should be handled by the WL9.1 module and sent to a cluster of Weblogic 9.1 servers 2) http://myserver.com/* (except /91example) should be handled by WL9.1 module and sent to a cluster of Weblogic 8.1 servers. Is there a way we can achieve this ? I have tried using directive, but how do we specify that different paths are handled by different modules ? Please help. Thanks -- View this message in context: http://www.nabble.com/Configuring-a-module-twice-tf4061165.html#a11538062 Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Capgemini is a trading name used by the Capgemini Group of companies which includes Capgemini UK plc, a company registered in England and Wales (number 943935) whose registered office is at No. 1 Forge End, Woking, Surrey, GU21 6DB. This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] RE: Configuring a module twice
Thanks Steve, BEA had just confirmed the backwards compatibility of plugins and thats what we are looking to do now. cheers, Chaitanya Foster, Stephen (ASPIRE) wrote: > > Why not just use the weblogic9.1 plugin to handle delegation to both the > 8.1 and 9.1 servers, it is backwards compatible. > you can then configure the module and use different Location blocks with > different URI's mapping to different clusters. > > Steve > > -Original Message- > From: apacheIndian [mailto:[EMAIL PROTECTED] > Sent: 11 July 2007 12:18 > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Configuring a module twice > > > > Hi, > > I have a requirement to configure weblogic plugin for Apache, more than > once. > first, the plugin provided by the Weblogic 8.1 and again the plugin > provided > by Weblogic 9.1 in the same apache config. > The requests coming in need to be handled by these different plugins based > on the url, for example > > 1) "http://myserver.com/91example"; should be handled by the WL9.1 module > and > sent to a cluster of Weblogic 9.1 servers > > 2) http://myserver.com/* (except /91example) should be handled by WL9.1 > module and sent to a cluster of Weblogic 8.1 servers. > > Is there a way we can achieve this ? > I have tried using directive, but how do we specify that > different paths are handled by different modules ? > > Please help. > > Thanks > -- > View this message in context: > http://www.nabble.com/Configuring-a-module-twice-tf4061165.html#a11538062 > Sent from the Apache HTTP Server - Users mailing list archive at > Nabble.com. > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > Capgemini is a trading name used by the Capgemini Group of companies which > includes Capgemini UK plc, a company registered in England and Wales > (number 943935) whose registered office is at No. 1 Forge End, Woking, > Surrey, GU21 6DB. > This message contains information that may be privileged or confidential > and is the property of the Capgemini Group. It is intended only for the > person to whom it is addressed. If you are not the intended recipient, you > are not authorized to read, print, retain, copy, disseminate, distribute, > or use this message or any part thereof. If you receive this message in > error, please notify the sender immediately and delete all copies of this > message. > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Configuring-a-module-twice-tf4061165.html#a11543197 Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Where to add ScriptAlias
Thanks for the information. I will put it in the httpd.conf. You all are great. Bob R Robert A. Rawlinson wrote: What file should I add the ScriptAlias entry to? I have been reading for two days now and found the entry I need but nowhere does it seem to tell in what file the statement should be. Thanks for any help you can offer. Bob R - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Secure LDAP Auth to Active Directory
So I'm having a devil of a time getting Apache 2.0.55 compiled on an HP-UX 11.11 system to support secure LDAP authentication to our Active Directory servers. I configure it like so: ./configure --prefix=/opt/apache2 --enable-auth-dbm=shared --enable-expires=shared --enable-headers=shared --enable-rewrite=shared --enable-mime-magic=shared --enable-info=shared --enable-status=shared --enable-userdir=shared --enable-http --enable-so --enable-ssl=static --with-ssl=/opt/openssl098 --with-perl=/opt/perl58 --with-ndbm --enable-ldap=shared --enable-auth_ldap --with-ldap=/usr/local/OpenLDAP.2.3 The configure runs fine, but when I try to run 'make' I get: libtool: link: warning: this platform does not like uninstalled shared libraries libtool: link: `httpd' will be relinked during installation /usr/ccs/bin/ld: Unsatisfied symbols: util_ldap_connection_close (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_cache_comparedn (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_cache_checkuserid (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_connection_find (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_cache_compare (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) collect2: ld returned 1 exit status I'm also wondering if I'm even headed towards what I need. At one point, I got this to compile (this will teach me not to take notes) and the LDAP authentication worked, but the SSL portion did not. When the module loaded, it would say that SSL support was unavailable. I seem to recall reading in the docs that I need to compile with the netscape version of LDAP in order to support SSL, but other sites seem to indicate that's not the case.
Re: [EMAIL PROTECTED] apache hostname resolution (strange problem)
Mark, You understand the problem. That should work but I've been reluctant to do that. The goal is to maintain a configuration in development that mirrors production. I test all configuration changes on the LAN then push the file(s) into production. Jeff > Hi, > > Sorry if I have the wrong end of the stick, but why don't you just do > > NameVirtualHost 10.37.74.24:80 > > in your httpd.conf > > and then set your virtualhost to that NameVirtualHost. > > > ServerName www.myserver.com > > > Again sorry if I've misunderstood your problem. > > Regards, > > Mark. > > > > > > > > > > > > On 11/07/07, Jeff Fulmer <[EMAIL PROTECTED]> wrote: >> >> -Original Message- >> >> From: Jeff Fulmer [mailto:[EMAIL PROTECTED] >> >> Sent: Tuesday, July 10, 2007 2:56 PM >> >> To: users@httpd.apache.org >> >> Subject: [EMAIL PROTECTED] apache hostname resolution (strange problem) >> >> >> >> I have the oddest situation. I have a test server on the LAN. >> >> I added a >> >> host entry for www.myserver.com (actual name changed to protect the >> >> innocent). I can ping www.myserver.com and my resolved >> >> address matches the >> >> host entry. Life is grand, no? >> >> >> >> /usr/sbin/ping www.myserver.com >> >> PING www.myserver.com: 64 byte packets >> >> 64 bytes from 10.37.74.24: icmp_seq=0. time=0. ms >> >> >> >> I have apache configured with a virtual host for >> >> www.myserver.com. Watch >> >> what happens when I check my virtual hosts with httpd -S. I >> >> get the PUBLIC >> >> internet address for www.myserver.com: >> > >> > What exactly is your problem? What address do you expect to get? >> > >> > Your posting is confusing because it's not clear whether your munged >> > domain names are supposed to be internal LAN names or public domain >> > names... >> > >> >> I expect it to be 10.37.74.24. It can't bind a virtual host to an >> address >> that's not on the server. Here's the output of httpd -S >> >> lccas243$ bin/httpd -S >> VirtualHost configuration: >> 64.157.185.199:80 www.myserver.com >> (/usr/local/httpd/conf/vhosts/80_myserver.com:5) >> wildcard NameVirtualHosts and _default_ servers: >> *:443 is a NameVirtualHost >> default server www.myserver.com >> (/usr/local/httpd/conf/vhosts/443_myserver.com:4) >> port 443 namevhost www.myserver.com >> (/usr/local/httpd/conf/vhosts/443_myserver.com:4) >> *:80 is a NameVirtualHost >> >> On the server itself, www.myserver.com resolves to 10.37.74.24 which is >> the address I have in the /etc/hosts file. But apache is resolving it >> based on it's DNS entry. It does this even when I turn DNS off! >> >> Jeff >> >> >> - >> The official User-To-User support forum of the Apache HTTP Server >> Project. >> See http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: [EMAIL PROTECTED] >>" from the digest: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] apache hostname resolution (strange problem)
lsof tells me that apache is using libnsl on startup. I assume it's using that to acquire the server name. That library appears to use DNS for resolution despite the fact that nsswitch.conf is set for hosts only. I commented out the name servers in /etc/resolv.conf and guess what? The virtual host was correctly bound to 10.37.74.24. Ugh. > Mark, > > You understand the problem. That should work but I've been reluctant to do > that. The goal is to maintain a configuration in development that mirrors > production. I test all configuration changes on the LAN then push the > file(s) into production. > > Jeff > > >> Hi, >> >> Sorry if I have the wrong end of the stick, but why don't you just >> do >> >> NameVirtualHost 10.37.74.24:80 >> >> in your httpd.conf >> >> and then set your virtualhost to that NameVirtualHost. >> >> >> ServerName www.myserver.com >> >> >> Again sorry if I've misunderstood your problem. >> >> Regards, >> >> Mark. >> >> >> >> >> >> >> >> >> >> >> >> On 11/07/07, Jeff Fulmer <[EMAIL PROTECTED]> wrote: >>> >> -Original Message- >>> >> From: Jeff Fulmer [mailto:[EMAIL PROTECTED] >>> >> Sent: Tuesday, July 10, 2007 2:56 PM >>> >> To: users@httpd.apache.org >>> >> Subject: [EMAIL PROTECTED] apache hostname resolution (strange problem) >>> >> >>> >> I have the oddest situation. I have a test server on the LAN. >>> >> I added a >>> >> host entry for www.myserver.com (actual name changed to protect the >>> >> innocent). I can ping www.myserver.com and my resolved >>> >> address matches the >>> >> host entry. Life is grand, no? >>> >> >>> >> /usr/sbin/ping www.myserver.com >>> >> PING www.myserver.com: 64 byte packets >>> >> 64 bytes from 10.37.74.24: icmp_seq=0. time=0. ms >>> >> >>> >> I have apache configured with a virtual host for >>> >> www.myserver.com. Watch >>> >> what happens when I check my virtual hosts with httpd -S. I >>> >> get the PUBLIC >>> >> internet address for www.myserver.com: >>> > >>> > What exactly is your problem? What address do you expect to get? >>> > >>> > Your posting is confusing because it's not clear whether your munged >>> > domain names are supposed to be internal LAN names or public domain >>> > names... >>> > >>> >>> I expect it to be 10.37.74.24. It can't bind a virtual host to an >>> address >>> that's not on the server. Here's the output of httpd -S >>> >>> lccas243$ bin/httpd -S >>> VirtualHost configuration: >>> 64.157.185.199:80 www.myserver.com >>> (/usr/local/httpd/conf/vhosts/80_myserver.com:5) >>> wildcard NameVirtualHosts and _default_ servers: >>> *:443 is a NameVirtualHost >>> default server www.myserver.com >>> (/usr/local/httpd/conf/vhosts/443_myserver.com:4) >>> port 443 namevhost www.myserver.com >>> (/usr/local/httpd/conf/vhosts/443_myserver.com:4) >>> *:80 is a NameVirtualHost >>> >>> On the server itself, www.myserver.com resolves to 10.37.74.24 which is >>> the address I have in the /etc/hosts file. But apache is resolving it >>> based on it's DNS entry. It does this even when I turn DNS off! >>> >>> Jeff >>> >>> >>> - >>> The official User-To-User support forum of the Apache HTTP Server >>> Project. >>> See http://httpd.apache.org/userslist.html> for more info. >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>" from the digest: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >> >> - >> The official User-To-User support forum of the Apache HTTP Server >> Project. >> See http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: [EMAIL PROTECTED] >>" from the digest: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> > > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_ssl revisited
Now I'm back to the original problem. I turned off name resolution and I restarted apache. The virtual host for www.myserver.com:443 works as expected. However, this error continues to repeat itself in the logs: [Wed Jul 11 13:14:39 2007] [info] Connection to child 22 established (server www.myserver.com:443, client 127.0.0.1) [Wed Jul 11 13:14:39 2007] [info] Seeding PRNG with 0 bytes of entropy [Wed Jul 11 13:14:39 2007] [debug] ssl_engine_kernel.c(1769): OpenSSL: Handshake: start [Wed Jul 11 13:14:39 2007] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: before/accept initialization [Wed Jul 11 13:14:39 2007] [debug] ssl_engine_io.c(1523): OpenSSL: I/O error, 11 bytes expected to read on BIO#4046c990 [mem: 4048d2b0] [Wed Jul 11 13:14:39 2007] [debug] ssl_engine_kernel.c(1806): OpenSSL: Exit: error in SSLv2/v3 read client hello A [Wed Jul 11 13:14:39 2007] [info] (70014)End of file found: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] [Wed Jul 11 13:14:39 2007] [info] Connection to child 22 closed with abortive shutdown(server www.myserver.com:443, client 127.0.0.1) This occurs without *any* connections to the server. The error continues about 30 to 40 times at short regular intervals. After that it appears at irregular intervals while the server is running and under load. This occurs without *any* HTTPS requests to www.myserver.com:443. Any thoughts? Jeff - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Issue in proxy Load Blancer
Hi, I am having a problem in Load Balancing with Apache 2.2.4 server setup and the issue is as follows, Ihave Jboss4.2.0 GA with two server instances [TestAdmin and Test] and I have deployed two applications namely TestAdmin and Test in respective server instance. Both the server instances are in cluster. In addition, we have configured apache 2.2.4 with mod_proxy_balancer for load balancing. The above configuration is replicated in other boxes in cluster. Our primary goal of the clustering is for load balancing and Single SignOn and not for failover [No session replication]. The proxy balancer configurations is as follows, # Admin Load Balancer Order deny,allow Allow from all 1:8101/test route=test_1 loadfactor=10 smax=50 max=50 min=5 ttl=60 BalancerMember ajp://box2:8101/test route=test_2 loadfactor=10 smax=50 max=50 min=5 ttl=60 ProxyRequests off ProxyPass /adminbalancer://admin_loadbalancer lbmethod=bytraffic nofailover=On stickysession=JSESSIONID ProxyPass /test balancer://test_loadbalancer lbmethod=bytraffic nofailover=On stickysession=JSESSIONID With the above settings, when we login to the TestAdmin Application it appends the jvm route in the sessionid (e.g.: x.admin_1). And when we traverse to the Test application related link from the TestAdmin page, i am getting Service temporarily unavailable exception. When i looked into the apache error log, it says "All workers are in error state for route (admin_1)". What we infer is that it is expecting the admin_1 route in test_balancer but the test_balancer does not have the route. Could you please help me out to resolve this issue? Thanks, Vasanth - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Secure LDAP Auth to Active Directory
Aaron Smith wrote: So I’m having a devil of a time getting Apache 2.0.55 compiled on an HP-UX 11.11 system to support secure LDAP authentication to our Active Directory servers. I configure it like so: ./configure --prefix=/opt/apache2 --enable-auth-dbm=shared --enable-expires=shared --enable-headers=shared --enable-rewrite=shared --enable-mime-magic=shared --enable-info=shared --enable-status=shared --enable-userdir=shared --enable-http --enable-so --enable-ssl=static --with-ssl=/opt/openssl098 --with-perl=/opt/perl58 --with-ndbm --enable-ldap=shared --enable-auth_ldap --with-ldap=/usr/local/OpenLDAP.2.3 The configure runs fine, but when I try to run ‘make’ I get: libtool: link: warning: this platform does not like uninstalled shared libraries libtool: link: `httpd' will be relinked during installation /usr/ccs/bin/ld: Unsatisfied symbols: util_ldap_connection_close (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_cache_comparedn (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_cache_checkuserid (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_connection_find (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) util_ldap_cache_compare (first referenced in modules/experimental/.libs/mod_auth_ldap.a(mod_auth_ldap.o)) (code) collect2: ld returned 1 exit status I’m also wondering if I’m even headed towards what I need. At one point, I got this to compile (this will teach me not to take notes) and the LDAP authentication worked, but the SSL portion did not. When the module loaded, it would say that SSL support was unavailable. I seem to recall reading in the docs that I need to compile with the netscape version of LDAP in order to support SSL, but other sites seem to indicate that’s not the case. I have been having my own problems with related modules. It will probably help your case to use OpenLDAP for its libraries; there's a config option to only build client libs and binaries. Add the --with-ldap-sdk=openldap might be missing. Brian - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] apache2 reverse proxy cgi problem
I am almost to the point of having my apache2 reverse proxy complete. I am having trouble now when the reverse proxy forwards a user from the login page to the cgi-bin on the main server. I get an error that is generated from the main server: Forbidden You don't have permission to access /cgi-bin/cgi_main on this server. Apache/1.3.26 Server at Port 80 Since the error is being generated by the main server not the proxy I'm guessing that is where the problem lies. That server is on a vms box and can't be touched so I have to make the reverse proxy work without any modifications to the vms/apache. I can go directly to the main server with a browser and all of the cgi apps work fine. Non-cgi content works fine. The paths seem correct. I tried to load mod_cgi.so on the proxy box and get an error 'invalid ELF header'. I'm hoping that when this step is resolved that the proxy will be able to proxy the cgi programs from the main server. I hope I've provided enough info that someone will recognize my problem. Thanks in advance, Jeff - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] apache2 reverse proxy cgi problem
Jeff Murch wrote: I am almost to the point of having my apache2 reverse proxy complete. I am having trouble now when the reverse proxy forwards a user from the login page to the cgi-bin on the main server. I get an error that is generated from the main server: Forbidden You don't have permission to access /cgi-bin/cgi_main on this server. Jeff what is in your error log on the back-end/main server? ... -- Tony - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] ldap group problems
httpd v2.2.4 from source on macos 10.4.9 I have a configuration like this. In the first case using require valid-user, everything works as expected. I can authenticate users just fine. However, when I use the second Location block, I have problems and cannot authorize against the group. Any suggestions? Thanks, Sean AuthLDAPBindDN cn=secretuser,dc=octopus,dc=nci,dc=nih,dc=gov AuthLDAPBindPasswordsecret AuthzLDAPAuthoritative off AuthTypebasic AuthName"svn repository" AuthBasicProvider ldap AuthLDAPURL ldap://octopus.nci.nih.gov/dc=octopus,dc=nci,dc=nih,dc=gov require valid-user AuthLDAPBindDN cn=secretuser,dc=octopus,dc=nci,dc=nih,dc=gov AuthLDAPBindPasswordsecret Allow from all AuthzLDAPAuthoritative off AuthLDAPGroupAttributeIsDN off AuthLDAPGroupAttribute member AuthTypebasic AuthName"svn repository" AuthBasicProvider ldap AuthLDAPURL ldap://octopus.nci.nih.gov/dc=octopus,dc=nci,dc=nih,dc=gov require ldap-group cn=mpiuser,ou=group,dc=octopus,dc=nci,dc=nih,dc=gov Here is what the apache log shows: [Wed Jul 11 20:30:44 2007] [debug] mod_authnz_ldap.c(376): [client 137.187.209.230] [8873] auth_ldap authenticate: using URL ldap://octopus.nci.nih.gov/dc=octopus,dc=nci,dc=nih,dc=gov [Wed Jul 11 20:30:44 2007] [debug] mod_authnz_ldap.c(475): [client 137.187.209.230] [8873] auth_ldap authenticate: accepting sdavis [Wed Jul 11 20:30:44 2007] [debug] mod_authnz_ldap.c(712): [client 137.187.209.230] [8873] auth_ldap authorise: require group: testing for group membership in "cn=mpiuser,ou=group,dc=octopus,dc=nci,dc=nih,dc=gov" [Wed Jul 11 20:30:44 2007] [debug] mod_authnz_ldap.c(718): [client 137.187.209.230] [8873] auth_ldap authorise: require group: testing for member: sdavis (cn=mpiuser,ou=group,dc=octopus,dc=nci,dc=nih,dc=gov) [Wed Jul 11 20:30:44 2007] [debug] mod_authnz_ldap.c(734): [client 137.187.209.230] [8873] auth_ldap authorise: require group "cn=mpiuser,ou=group,dc=octopus,dc=nci,dc=nih,dc=gov": authorisation failed [Comparison complete][Invalid syntax] [Wed Jul 11 20:30:44 2007] [debug] mod_authnz_ldap.c(842): [client 137.187.209.230] [8873] auth_ldap authorise: declining to authorise [Wed Jul 11 20:30:44 2007] [error] [client 137.187.209.230] access to /svn2/apache_pb.png failed, reason: require directives present and no Authoritative handler. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] redirect on /
I have two goals with my apache server that I hope are not mutual exclusive. I use apache to proxy requests to a backend user using modproxy and rewrite rules. (the backend is zope) This works great. I also use apache to handle ssl. I also have virtual hosts, some ip based, some name based. My rewrite rule captures all requests to /zs and proxies them to zope. I have created html docs that have client side redirection for those vhosts that only serve content from from the zope back end. However, this redirect seems to take too long for some. So I would like to put a server side redirect on all requests to '/' so they are redirected to /zs which the rewrite rule will capture. I still want to retain the ability to serve content out of the file system, ie from htdocs. Will the redirect on '/' also capture requests for /static.html and other content that lives in the file system? There are also other redirects as well that I want to preserve. -- -- David Bear College of Public Programs at Arizona State University - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_cache setup
Hello I'm trying to figure out if my simple mod_cache setup is working. I compiled the mod_cache modules (mod_cache, mod_disk_cache and mod_mem_cache) and put together a simple configuration. The server starts up without a murmur, but I'm not sure that the caching is actually taking place. In my first test, I disabled the mem_cache by commenting it out in the configuration, and wrapping its directives with an IfModule, like so: CacheIgnoreCacheControl On CacheDefaultExpire 120 CacheEnable mem http://192.168.1.100:80/test MCacheSize 32768 MCacheMaxObjectCount 100 MCacheMinObjectSize 1 MCacheMaxObjectSize 1048576 My mod_disk_cache setup looks like this: CacheIgnoreCacheControl On CacheDefaultExpire 300 CacheRoot /apprel/tmp/htcache CacheEnable disk http://192.168.1.100:80/test The /apprel/tmp/htcache directory is available to the apache user. In the htdocs/test directory I have a simple html page. When I make a browser request to that directory, the page is loaded. I immediately make a change to the page, and reload it in the browser. The new page loads, despite the fact that the 2 minutes are far from up. I get the same result when I switch to mod_mem_cache. I can't seem to find anything wrong with my config (I tried some bogus cach directives, and the server wouldn't start, so I know that the mod_cache pieces are there). Any help would be much appreciated. thanks Wayne -- 2X7 -> %A-3+ -> %K-7+ -> %9-?+ -> %Q-8 -> ?9-?9+
[EMAIL PROTECTED] Re: redirect on /
David Bear wrote:
> I have two goals with my apache server that I hope are not mutual
> exclusive.
>
> I use apache to proxy requests to a backend user using modproxy and
> rewrite rules. (the backend is zope) This works great. I also use apache
> to handle ssl. I also have virtual hosts, some ip based, some name based.
> My rewrite rule captures all requests to /zs and proxies them to zope.
>
> I have created html docs that have client side redirection for those
> vhosts that only serve content from from the zope back end. However, this
> redirect seems to take too long for some. So I would like to put a server
> side redirect on all requests to '/' so they are redirected to /zs which
> the rewrite rule will capture.
>
> I still want to retain the ability to serve content out of the file
> system, ie from htdocs. Will the redirect on '/' also capture requests
> for /static.html and other content that lives in the file system?
>
> There are also other redirects as well that I want to preserve.
>
I think I found a possible recipe
RedirectMatch ^/$ http://myserver/zs/
Will catch everything that is http://myserver/ and not anything that is
explicitly listed after the first '/'. So I can still access content that I
know the specific url of from '/'
This seems to do what I want but I'm wondering if there is something I'm not
thinking of. If this seems a safe way to go I'd like to implement it with
at {SERVER_NAME} or other parameterized portion of the url -- so the rule
will work the same on all vhosts. Any advice appreciated.
>
>
--
--
David Bear
College of Public Programs at Arizona State University
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
