Re: [EMAIL PROTECTED] ignore/remove X-Forwarded-For

2007-08-03 Thread tom

That would be the best way, but don't know how to do that in httpd.conf...

> > > 
> > > On 8/2/07, tom <[EMAIL PROTECTED]> wrote:
> > > > Hi,
> > > >
> > > >  thanks, works fine. Do you know if I can rename a header? I was trying
> > > > to do it like this
> > > >
> > > > SetEnvIf X-Powered-By "(.*)" HAVE_X-Powered-By=$1
> > > > Header add X-Original-Powered-By $HAVE_X-Powered-By$ env=HAVE_X-Powered-By
> > > > Header unset X-Powered-By env=HAVE_X-Powered-By
> > > >
> > > > The problem is that I don't know how to access the HAVE_X-Powered-By variable
> > > > at the second line ($HAVE_X-Powered-By$).
> > > >
> > >
> > > Use %{HAVE_X-Powered-By}e
> > > See:
> > > http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header
> > >
> > > Joshua.
> > >
> 
> Hold on, couldn't you just do a=b; unset a? Or am I reading this wrong
> (i need to look for a specific header too, but i get so many variants
> of it i'd bloat the code checking for all variants of it in my PHP)
> 
> 
> -- 
> Morgan gangwere
> 
> "Space does not reflect society, it expresses it." -- Castells, M.,
> Space of Flows, Space of Places: Materials for a Theory of Urbanism in
> the Information Age, in The Cybercities Reader, S. Graham, Editor.
> 2004, Routledge: London. p. 82-93.
> 
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]



[EMAIL PROTECTED] No remote user in LOG file in CGI (HTTP Authentification)

2007-08-03 Thread apache . org

Hello,

According to my previous post on the bug track:
http://issues.apache.org/bugzilla/show_bug.cgi?id=43018

This is a script in PHP that is called by a CGI handler in Apache, with HTTP
Authentication.

In a normal Apache module environment, HTTP Authentication is called and
we can see in the Apache log:
IP - USER - [DATETIME] "GET / HTTP/1.1" 200 SIZE "REFERER" "AGENT"

Meanwhile, in a CGI environment, Apache calls a CGI script, in my example PHP,
and passes it variables.
So, for compatibility, to pass the authentication to the PHP script, we
have to set a .htaccess where:
RewriteEngine on
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]


So with it, in the environment variables we can see:
[REDIRECT_REMOTE_USER] => Basic dGl0aTp0b3Rv
[REDIRECT_STATUS] => 200
where dGl0aTp0b3Rv corresponds to user:password titi:toto (base64)

Of course, with a network analyzer, we can see that the browser sends to the
Apache server in the HTTP headers:
Authorization: Basic dGl0aTp0b3Rv
(our titi:toto)

In this case, the Apache log doesn't indicate the user:
IP - - - [DATETIME] "GET / HTTP/1.1" 200 SIZE "REFERER" "AGENT"

OK, the use of PHP is independent of Apache log writes, but if the browser sends
Authorization: Basic dGl0aTp0b3Rv to an Apache module or Apache CGI (PHP), why
doesn't Apache, which sees the Basic, write the remote_user in the log?

In a normal environment, without CGI, handler ..., the browser sends the same
request and the log indicates the USER.

According to the track response, I've replaced the %u to %LogFormat directive but the authenticated user still doesn't appear
in the log:
IP - - - [DATETIME] "GET / HTTP/1.1" 200 SIZE "REFERER" "AGENT"


Has anyone had the same problem, or a solution?


Thank you for any help.







Re: [EMAIL PROTECTED] RE : [EMAIL PROTECTED] mass bug-closing?

2007-08-03 Thread Joshua Slive
On 8/3/07, Laurent FAILLIE <[EMAIL PROTECTED]> wrote:
> The same for me.
> And it was 2 very simple compilation problems under
> HP-UX that can be solved in 5 minutes :-((
>
> Is 1.3 phasing out?

Yes, almost all development effort is targeted at 2.2 and up. 1.3 only
gets the most critical fixes. There is no formal effort to stop 1.3
development (as with php 4, for example), but there are simply no
developers interested in advancing it when a much better platform is
available.

As Nick mentioned, if your 1.3 bug still exists in 2.2, feel free to refile it.

Joshua.




Re: [EMAIL PROTECTED] Limit number of prefork worksers a virtual host can use

2007-08-03 Thread Joshua Slive
On 8/3/07, ben short <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm using httpd 2.2.4 and have two virtual hosts. Is it possible to
> assign half of the available workers to each virtual host?

No. If you need to do that, the simplest way is simply use two IP
addresses and two apache instances.

There are some third-party modules (see http://modules.apache.org)
that do similar things, but I haven't used any of them myself.

Joshua.




[EMAIL PROTECTED] URL modified to localhost by apache

2007-08-03 Thread aadi

hi,

i have a webapp running under tomcat on a linux machine named devint01. i
have also built apache http 2.2.4 on the machine and i added the following
proxy pass to apache's config for my application running in the tomcat

ProxyPass /timeRec http://locahost:5080/timeRec
and the reverse proxy pass as well. the problem is when i access the
application thru apache as proxy that is

http://devint01.xxx.com/timeRec i get mis configured url on the page that
results

i.e the register.jsp link shows http://localhost/timeRec/register.jsp from
any machine on the network where i access the devint01 server.

when i go through the tomcat directly i.e.
http://devint01.xxx.com:5080/timeRec

then all the links start directing to
http://devint01.xxx.com/timeRec/

pls help .. i think it is somewhere in my apache httpd config that
the problem is occurring



RE: [EMAIL PROTECTED] RE: Failed autentication

2007-08-03 Thread Lisa Tan
Thanks for both of you. I will try tomcat list.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joshua Slive
Sent: Friday, August 03, 2007 9:06 AM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] RE: Failed autentication

On 8/3/07, Boyle Owen <[EMAIL PROTECTED]> wrote:
> > -Original Message-
> > From: Lisa Tan [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, August 02, 2007 11:45 PM
> > To: users@httpd.apache.org
> > Subject: [EMAIL PROTECTED] RE: Failed autentication
> >
> > I am trying to set up Tomcat form based authentication and
>
> ... so why are you posting to an apache list? Try:

Watch the terminology there ;-)

Tomcat is as much "Apache" now as anything else. Its official name is
"Apache Tomcat". You are entirely correct, however, that this person
is not looking for the "Apache HTTP Server" (or "Apache httpd"), which
is what she found here.

> http://tomcat.apache.org/lists.html

Joshua.




Re: [EMAIL PROTECTED] No remote user in LOG file in CGI (HTTP Authentification)

2007-08-03 Thread Joshua Slive
On 8/3/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Hello,
>
> According to my previous post on the bug track:
> http://issues.apache.org/bugzilla/show_bug.cgi?id=43018
>
> This is a script in PHP that is called by the a CGI handler in Apache. HTTP
> Authentification.

Your problem is very hard to decipher.

Exactly how is authentication configured, and exactly how is your CGI called?

Joshua.




Re: [EMAIL PROTECTED] No remote user in LOG file in CGI (HTTP Authentification)

2007-08-03 Thread Joshua Slive
On 8/3/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Authentication is configured by PHP; it sends the browser the required
> headers in order to provide authentication:
> header("WWW-Authenticate: Basic realm=\"Realm\"");
> header("HTTP/1.0 401 Unauthorized");
>
> For the CGI, it is called in the Apache conf as follows:
> AddHandler cgi-php5 .php5 .php
> Action cgi-php5 /php5/php5-cgi
> SuexecUserGroup  users
>
> where /php5/php5-cgi is the compiled PHP CGI executable and
>  is a non-privileged user of the Unix system.
> So the PHP (CGI) script is executed with  privilege.
>
> The authentication mechanism is OK, I log in to the CGI script
> perfectly with credentials titi:toto but Apache's logs don't indicate titi
> as %



Re: [EMAIL PROTECTED] URL modified to localhost by apache

2007-08-03 Thread Vincent Bray
On 03/08/07, aadi <[EMAIL PROTECTED]> wrote:
> ProxyPass /timeRec http://locahost:5080/timeRec
> and the reverse proxy pass as well. the problem is when i access the
> application thru apache as proxy that is
>
> http://devint01.xxx.com/timeRec i get mis configured url on the page that
> results
>
> i.e the register.jsp link shows http://localhost/timeRec/register.jsp from
> any machine on the network where i access the devint01 server.
>
> when i go through the tomcat directly i.e.
> http://devint01.xxx.com:5080/timeRec
>
> then all the link start directing to
> http://devint01.xxx.com/timeRec/

Sounds like your webapp is using the host name of the request to
construct urls back to itself, though it's odd that it drops the port.
In any case, it may help to use an IP address in the ProxyPass
directive, and ProxyPreserveHost On to send the original Host: header
to Tomcat.

-- 
noodl




[EMAIL PROTECTED] RE : [EMAIL PROTECTED] mass bug-closing?

2007-08-03 Thread Laurent FAILLIE
The same for me.
And it was 2 very simple compilation problems under
HP-UX that can be solved in 5 minutes :-((

Is 1.3 phasing out?


--- Matus UHLAR - fantomas <[EMAIL PROTECTED]> wrote:

> Hello,
> 
> two of my bugs (39910 and 25469) were closed a few
> hours ago as WONTFIX.
> They were filed against 1.3, but they are
> applicable for 2.0 and 2.2 too
> (afaik).
> 
> Was there any mass closing for 1.3 bugs, or should I
> take it personally?
> 
> -- 
> Matus UHLAR - fantomas, [EMAIL PROTECTED] ;
> http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to
> this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
> reklamnu postu.
> "To Boot or not to Boot, that's the question."
> [WD1270 Caviar]
> 
>
> 





RE: [EMAIL PROTECTED] mass bug-closing?

2007-08-03 Thread Boyle Owen
> -Original Message-
> From: Matus UHLAR - fantomas [mailto:[EMAIL PROTECTED] 
> Sent: Friday, August 03, 2007 10:49 AM
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] mass bug-closing?
> 
> Hello,
> 
> two of my bugs (39910 and 25469) were closed a few hours ago 
> as WONTFIX.
> They were filed against 1.3, but they are applicable for 2.0 
> and 2.2 too
> (afaik).
> 
> Was there any mass closing for 1.3 bugs, or should I take it 
> personally?

Check on the httpd-dev list - seems there was...

> 
> -- 
> Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> "To Boot or not to Boot, that's the question." [WD1270 Caviar]
> 



[EMAIL PROTECTED] mass bug-closing?

2007-08-03 Thread Matus UHLAR - fantomas
Hello,

two of my bugs (39910 and 25469) were closed a few hours ago as WONTFIX.
They were filed against 1.3, but they are applicable for 2.0 and 2.2 too
(afaik).

Was there any mass closing for 1.3 bugs, or should I take it personally?

-- 
Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"To Boot or not to Boot, that's the question." [WD1270 Caviar]




[EMAIL PROTECTED] Limit number of prefork worksers a virtual host can use

2007-08-03 Thread ben short
Hi,

I'm using httpd 2.2.4 and have two virtual hosts. Is it possible to
assign half of the available workers to each virtual host?

Regards

Ben Short




Re: [EMAIL PROTECTED] mass bug-closing?

2007-08-03 Thread Nick Kew
On Fri, 3 Aug 2007 10:48:44 +0200
Matus UHLAR - fantomas <[EMAIL PROTECTED]> wrote:

> Hello,
> 
> two of my bugs (39910 and 25469) were closed a few hours ago as
> WONTFIX. They were filed against 1.3, but they are applicable for
> 2.0 and 2.2 too (afaik).
> 
> Was there any mass closing for 1.3 bugs, or should I take it
> personally?

Jim closed about 200 1.3 bugs yesterday.  At a very brief glance,
they appear to range from clueless gibberish through questionable
to legitimate-but-won't-fix-because-1.3-is-obsolete and long-since-
fixed.  So nothing personal.

If your bugs are legitimate and affect 2.2, perhaps now would
be a good time to raise the matter again.

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/




[EMAIL PROTECTED] Provide solution If u have

2007-08-03 Thread Ravi Prakash
Hi,

I am Ravi, working as an open source developer. I am working on Apache
modules.

I have two modules, A and B.

1.  Through the browser, Module A gets a request for a service type.
2.  Module A checks its service type.
3.  Now it passes the whole request to Module B as its output (not to the
browser at this moment).
4.  Module B processes the request and sends the processed data back to Module
A.
5.  Now Module A sends that processed data to the browser.

So Module A can be regarded as an intermediate module.

I want to know how a module can send data to another module under the same
Apache. Is there any API for that?

What will be the case if we have two different Apaches on different machines?

Ravi



Re: [EMAIL PROTECTED] RE: Failed autentication

2007-08-03 Thread Joshua Slive
On 8/3/07, Boyle Owen <[EMAIL PROTECTED]> wrote:
> > -Original Message-
> > From: Lisa Tan [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, August 02, 2007 11:45 PM
> > To: users@httpd.apache.org
> > Subject: [EMAIL PROTECTED] RE: Failed autentication
> >
> > I am trying to set up Tomcat form based authentication and
>
> ... so why are you posting to an apache list? Try:

Watch the terminology there ;-)

Tomcat is as much "Apache" now as anything else. Its official name is
"Apache Tomcat". You are entirely correct, however, that this person
is not looking for the "Apache HTTP Server" (or "Apache httpd"), which
is what she found here.

> http://tomcat.apache.org/lists.html

Joshua.




Re: [EMAIL PROTECTED] No remote user in LOG file in CGI (HTTP Authentification)

2007-08-03 Thread apache . org

Hi,

Authentication is configured by PHP; it sends the browser the required
headers in order to provide authentication:

header("WWW-Authenticate: Basic realm=\"Realm\"");
header("HTTP/1.0 401 Unauthorized");

For the CGI, it is called in the Apache conf as follows:
AddHandler cgi-php5 .php5 .php
Action cgi-php5 /php5/php5-cgi
SuexecUserGroup  users

where /php5/php5-cgi is the compiled PHP CGI executable and
 is a non-privileged user of the Unix system.

So the PHP (CGI) script is executed with  privilege.

The authentication mechanism is OK, I log in to the CGI script
perfectly with credentials titi:toto but Apache's logs don't indicate titi
as %

Thanks,


Joshua Slive wrote:

On 8/3/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
  

Hello,

According to my previous post on the bug track:
http://issues.apache.org/bugzilla/show_bug.cgi?id=43018

This is a script in PHP that is called by the a CGI handler in Apache. HTTP
Authentification.



Your problem is very hard to decipher.

Exactly how is authentication configured, and exactly how is your CGI called?

Joshua.




[EMAIL PROTECTED] allowing only javascript but preventing all else

2007-08-03 Thread Henry Cavillones
Hi-
I'm looking to make an entire site password protected, except for some embed 
codes that get processed from publisher sites.

The password protection should not interfere with serving the publisher
javascript code that resides at some subdirectory underneath the docroot. 




Re: [EMAIL PROTECTED] allowing only javascript but preventing all else

2007-08-03 Thread Ricky Zhou
Henry Cavillones wrote:
> Im looking to make an entire site password protected, except for some
> embed codes that get processed from publisher sites.
> 
> The password protection should not interfere with serving the publisher
> javascript code that resides at some subdirectory underneath the docroot.
Just make everything Require valid-user, but use Satisfy Any, and set
Allow from all on just that subdirectory.

For reference and an example, see
http://httpd.apache.org/docs/2.2/mod/core.html#satisfy

Hope this helps,
Ricky



Re: [EMAIL PROTECTED] allowing only javascript but preventing all else

2007-08-03 Thread Morgan Gangwere
On 8/3/07, Henry Cavillones <[EMAIL PROTECTED]> wrote:
>
>
>
> Hi-
>  Im looking to make an entire site password protected, except for some embed
> codes that get processed from publisher sites.

you'll want .htaccess for that.


>  The password protection should not interfere with serving the publisher
>  javascript code that resides at some subdirectory underneath the docroot.

so _everything_ is blocked except .js? you'll need a ReWriteRule to
change index.html to index.js

But why Javascript?

If you _really_ want you want to have a deny/allow:
< * >
 order: Deny, Allow
 Deny All

< *.js >
 order: allow, deny
 allow: all


and have the code for .htaccess in DocRoot/.htaccess and have the
password file point to say /var/passwords/sitename.htpasswd (for
security reasons)

>
>


-- 
Morgan gangwere

"Space does not reflect society, it expresses it." -- Castells, M.,
Space of Flows, Space of Places: Materials for a Theory of Urbanism in
the Information Age, in The Cybercities Reader, S. Graham, Editor.
2004, Routledge: London. p. 82-93.



Re: [EMAIL PROTECTED] Multiple Authentication

2007-08-03 Thread Dragon

Brian Weed wrote:

I'm using Apache v2.2.4 (on Windows Server 2003) and
I'm trying to use both SSPI and Basic Authentication
together so that both Domain and non-domain users can
log in to my Trac Wiki site.

With this config:



  # Domain Login

  AuthName "my domain"

  AuthType SSPI
  SSPIAuth On
  SSPIAuthoritative Off
  SSPIDomain MYDOMAIN
  SSPIOfferBasic On
  SSPIOfferSSPI Off
  SSPIOmitDomain On
  SSPIPerRequestAuth On

 # Non-domain login
  AuthType Basic
  AuthBasicAuthoritative Off
  AuthUserFile D:/wikis/trac.htpasswd

  Require valid-user



It only allows Domain users to log in.  It's not
falling back to Basic via AuthUserFile.
If I turn off SSPI, then it allows Basic Auth (but
obviously not Domain login).

Searching the web, I've found a few people with
similar problems, but no real solution:

http://svn.haxx.se/users/archive-2006-09/1384.shtml
and
http://www.svnforum.org/2017/viewtopic.php?p=11517

The error I get in the error.log is: "...Logon
failure: unknown user name or bad password.  : user
MYDOMAIN\\nondomainuser: authentication failure for
"/cgi-bin/trac.cgi/foo/login"

So, it seems as though it's always prepending the
domain, even when falling back to Basic, or it's not
falling back at all.

Is there some other module I have to install to
support falling back?
Any ideas as to what else I may be doing wrong?


 End original message. -

Just a thought... (caveat being I have not messed with anything 
beyond basic authentication).


What about having two different virtual hosts serving as entry points 
to this application which both point to the same application directory?


I think by doing that you can have one of the authentication methods 
associated with one virtual host and the other with the second virtual host.


Dragon

~~~
 Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)
~~~





[EMAIL PROTECTED] Multiple Authentication

2007-08-03 Thread Brian Weed
I'm using Apache v2.2.4 (on Windows Server 2003) and
I'm trying to use both SSPI and Basic Authentication
together so that both Domain and non-domain users can
log in to my Trac Wiki site.
 
With this config:
 

 
  # Domain Login
 
  AuthName "my domain"
 
  AuthType SSPI
  SSPIAuth On
  SSPIAuthoritative Off
  SSPIDomain MYDOMAIN
  SSPIOfferBasic On
  SSPIOfferSSPI Off
  SSPIOmitDomain On
  SSPIPerRequestAuth On
 
 # Non-domain login
  AuthType Basic
  AuthBasicAuthoritative Off
  AuthUserFile D:/wikis/trac.htpasswd
 
  Require valid-user
 

 
It only allows Domain users to log in.  It's not
falling back to Basic via AuthUserFile.
If I turn off SSPI, then it allows Basic Auth (but
obviously not Domain login).
 
Searching the web, I've found a few people with
similar problems, but no real solution:
 
http://svn.haxx.se/users/archive-2006-09/1384.shtml
and
http://www.svnforum.org/2017/viewtopic.php?p=11517
 
The error I get in the error.log is: "...Logon
failure: unknown user name or bad password.  : user
MYDOMAIN\\nondomainuser: authentication failure for
"/cgi-bin/trac.cgi/foo/login"
 
So, it seems as though it's always prepending the
domain, even when falling back to Basic, or it's not
falling back at all.
 
Is there some other module I have to install to
support falling back?
Any ideas as to what else I may be doing wrong?
 
Thanks.
 
Brian


   




RE: [EMAIL PROTECTED] allowing only javascript but preventing all else

2007-08-03 Thread Henry Cavillones
will this work if i just wanted to restrict access to specific types of files 
like say js or flvs?
but continue to password protect the entire docroot?


-Original Message-
From: Ricky Zhou [mailto:[EMAIL PROTECTED]
Sent: Fri 8/3/2007 4:09 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] allowing only javascript but preventing all else
 
Henry Cavillones wrote:
> Im looking to make an entire site password protected, except for some
> embed codes that get processed from publisher sites.
> 
> The password protection should not interfere with serving the publisher
> javascript code that resides at some subdirectory underneath the docroot.
Just make everything Require valid-user, but use Satisfy Any, and set
Allow from all on just that subdirectory.

For reference and an example, see
http://httpd.apache.org/docs/2.2/mod/core.html#satisfy

Hope this helps,
Ricky



[EMAIL PROTECTED] Problem running https

2007-08-03 Thread Junaid Arshad
Hi,

I am trying to configure Apache to support HTTPS using SSL. I followed
the instructions provided at
http://www.apacheworld.org/ty24/site.chapter17.html and everything
went well. The server even started without any error, but when I try to
navigate to my server using a browser, it does not connect. For more
information, I tried to run openssl s_client -connect localhost:443
and the response to this is the following error:
CONNECTED(0003)
11591:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:475:

I am using apache2.0.59 and I do not have root privileges outside the $APACHE_HOME

Any help would be much appreciated...:-)

cheers

junaid




Re: [EMAIL PROTECTED] allowing only javascript but preventing all else

2007-08-03 Thread Ricky Zhou
Henry Cavillones wrote:
> will this work if i just wanted to restrict access to specific types of
> files like say js or flvs?
> but continue to password protect the entire docroot?
If you use Satisfy any and put the allow in a , then it
should work.

Hope this helps,
Ricky
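
The arrangement from Ricky's two replies in this thread (everything under `Require valid-user`, with `Satisfy Any` and an open host rule only on the subdirectory or file types to be exempted), written out as an added example that is not part of the original posts. It uses the Apache 2.2 directives of the linked documentation; the paths, the realm name, and the choice of a `<FilesMatch>` section with a `js`/`flv` pattern are assumptions.

```apache
# Added example, Apache 2.2 access-control syntax (Order/Allow/Deny/Satisfy).
# All paths and names are placeholders, not values from the thread.
# In httpd 2.4 these host-based directives are superseded by mod_authz_core
# (Require all granted, etc.).

# 1. Password-protect the whole document root.
#    Satisfy defaults to "All": a client must pass the host rule (everyone
#    does) AND authenticate.
<Directory "/var/www/site">
    AuthType Basic
    AuthName "Members only"
    # Keep the password file outside the document root so it can never be
    # served as content.
    AuthUserFile "/etc/httpd/auth/site.htpasswd"
    Require valid-user

    Order allow,deny
    Allow from all
    # Do not put "Satisfy Any" at this level: together with "Allow from all"
    # it would admit every client without a password.

    # 3. Exemption by file type instead of by location.
    #    This matches on the file name anywhere below this directory, so
    #    every *.js / *.flv file becomes public, including any that end up
    #    in upload or private subdirectories. Prefer variant 2 when the
    #    public files can live in one place.
    <FilesMatch "\.(js|flv)$">
        Order allow,deny
        Allow from all
        Satisfy Any
    </FilesMatch>
</Directory>

# 2. Exemption for one subdirectory holding the embed code.
#    Here the host rule admits everyone and "Satisfy Any" means passing
#    EITHER the host rule OR authentication is enough, so no password
#    prompt is issued for this subtree only.
<Directory "/var/www/site/embed">
    Order allow,deny
    Allow from all
    Satisfy Any
</Directory>
```

With this in place, a request without credentials gets a 401 for a protected page such as `/index.html` and a 200 for a file under `/embed/`. Use either variant 2 or variant 3, not both, unless both exemptions are intended.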



[EMAIL PROTECTED] Named-Based configuration-newbie

2007-08-03 Thread Nanu Kalmanovitz
Hi!
 
We have Novell SBS 6.5, a tree with 3 servers:
 
1. Border Manager sp1
2. GroupWise (NAT) sp1
3. WEB (NAT) sp6 - Apache 2, MySQL and PHP. 
 
I wish to add a second domain to my WEB server (Apache2) using
"Named-Based".
 
I did read the Apache documentation and checked the HTTPD.CONF file,
but are some things I'm not sure about them:
 
1. The original configuration for the first (original) site must remain
without changes same info added to the first  block.
2. In the original HTTPD.CONF I have to add the line "NameVirtualHost
*:80" just before the first  block .
3. In the first  block, I have to put the info about the
first domain same as it appears in the HTTPD.CONF.
4. In the second  block, I have to put the info about the
second domain.
5. I find in the original HTTPD.CONF the followings:
 
#  TABLE: (3)

BrowserMatch "MSIE" nokeepalive downgrade-1.0 force-response-1.0
Include "SYS:/qfsearch/WEB-INF/QFRewrite.conf"

 
Shall I change the  to  ?
What is the meaning of instructions in the above block?
What else shall I change or add there?
 

Please help
 
TIA
 
Nanu
 
 
