Re: [EMAIL PROTECTED] PerlSetEnv in .htaccess ?

[Torsten Foertsch]

On Thu 24 Jan 2008, abhishek jain wrote:
> > The server might not have mod_perl support and that's why it could make
> > that error.
>
> Hi, i do not have access to error log as well, i am on a shared hosting,

I really doubt that a shared hoster that denies access to the error_log 
supports mod_perl. Even if so Embperl at least with mp2.x requires an extra 
LoadModule. To check if your server supports mod_perl at first I'd check the 
ServerTokens it sends with each reply:

curl -I http://localhost
HTTP/1.1 200 OK
Date: Thu, 24 Jan 2008 08:07:34 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e DAV/2 SVN/1.4.5 
mod_apreq2-20051231/2.6.0 mod_perl/2.0.4-dev Perl/v5.8.8

You see my localhost supports mod_perl version 2.0.4-dev. If it reads only

Server: Apache

then the administrator has configured the minimal server tokens. That does not 
mean you don't have mod_perl.

The next step would be a simple PerlResponseHandler something like that in 
your .htaccess (in case of mp2):

PerlResponseHandler "sub { \
  use Apache2::RequestRec; \
  use Apache2::RequestIO; \
  $_[0]->content_type( q{text/plain} ); \
  $_[0]->print(qq{OK\\n}); \
  return 0; \
}"

All untested of course. Try it first on a local host where you are sure you 
have mod_perl and access to the error_log.

If that works you have mod_perl2. But Embperl is another problem.

Torsten

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var Problem

[Tony Molloy]

Hi,

I've installed bugzilla onto a CentOS-5 server. It is running as a virtual 
host on the server and seems to work OK except for a few problems.

Bugzilla is installed into /usr/share/bugzilla and in /etc/httpd/conf.d I've 
got the following bugzilla conf file

Alias /bugzilla /usr/share/bugzilla
  

  AddHandler cgi-script .cgi
  Options +Indexes +ExecCGI +FollowSymLinks
  DirectoryIndex index.cgi
  AllowOverride Limit



Now when I run bugzilla it needs to read /etc/bugzilla/localconfig to pick up 
it's local configuration.

I get the following in the access log:

bugzilla.x.y.z - -  "GET /bugzilla//etc/bugzilla/localconfig
   HTTP/1.1" 404 1011^^^

and in the error log

[error] [client 10.220.1.155] File does not exist: /usr/share/bugzilla/etc

How can I get apache to look in the correct directory /etc/bugzilla/ instead 
of /bugzilla//etc/bugzilla for the config file.

I've tried putting in a symbolic link from /usr/share/bugzilla/etc to /etc and 
that doesn't work.

Regards,

Tony





   

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var

[Tony Molloy]

Hi,

Sorry for mailing this twice but I had the wrong subject the first time ;-(

I've installed bugzilla onto a CentOS-5 server. It is running as a virtual 
host on the server and seems to work OK except for a few problems.

Bugzilla is installed into /usr/share/bugzilla and in /etc/httpd/conf.d I've 
got the following bugzilla conf file

Alias /bugzilla /usr/share/bugzilla
  

  AddHandler cgi-script .cgi
  Options +Indexes +ExecCGI +FollowSymLinks
  DirectoryIndex index.cgi
  AllowOverride Limit



Now when I run bugzilla it needs to read /etc/bugzilla/localconfig to pick up 
it's local configuration.

I get the following in the access log:

bugzilla.x.y.z - -  "GET /bugzilla//etc/bugzilla/localconfig
   HTTP/1.1" 404 1011^^^

and in the error log

[error] [client 10.220.1.155] File does not exist: /usr/share/bugzilla/etc

How can I get apache to look in the correct directory /etc/bugzilla/ instead 
of /bugzilla//etc/bugzilla for the config file.

I've tried putting in a symbolic link from /usr/share/bugzilla/etc to /etc and 
that doesn't work.

Regards,

Tony

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] mod_proxy not handling redirects correctly

[Dani Pardo]

 Hi all, I have an environment in which I reverse proxy some servers
depending on the value of a cookie, that is:

RewriteCond %{HTTP_COOKIE} ^.*destination_host=host1.*$
RewriteRule (.+) http://www.host1.com$1 [P]
RewriteCond %{HTTP_COOKIE} ^.*destination_host=host2.*$
RewriteRule (.+) http://www.host2.com$1 [P]

 The idea is that I reverse proxy everything to either www.host1.com
or www.host2.com depending on the value of the cookie
"destination_host".
 That's working correctly at the moment, the problem comes when the
target (host1 or host2) sends a redirect, which doesn't get reverse
proxied, and thus the browser goes directly to www.host1.com or
www.host2.com.
  I could add

ProxyPassReverse / http://www.host1.com

 Which will adapt the response of the redirect, but I need this rule
to depend also on the value of the cookie "destination_host".
 The question is, is there any way to ProxyPassReverse depending on
the value of a cookie? Or should it be done automatically by
mod_rewrite with [P]? If so, is it a bug, or am I just doing something
wrong?

  Any clue appreciated,

--
Dani

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] mod_proxy not handling redirects correctly

[Charles Goyard]

Hi,

Dani Pardo wrote :
>  Hi all, I have an environment in which I reverse proxy some servers
> depending on the value of a cookie, that is:
> 
> RewriteCond %{HTTP_COOKIE} ^.*destination_host=host1.*$
> RewriteRule (.+) http://www.host1.com$1 [P]
> RewriteCond %{HTTP_COOKIE} ^.*destination_host=host2.*$
> RewriteRule (.+) http://www.host2.com$1 [P]
> 
>  The idea is that I reverse proxy everything to either www.host1.com
> or www.host2.com depending on the value of the cookie
> "destination_host".
>  That's working correctly at the moment, the problem comes when the
> target (host1 or host2) sends a redirect, which doesn't get reverse
> proxied, and thus the browser goes directly to www.host1.com or
> www.host2.com.

You should add both ProxyPassReverse :

ProxyPassReverse / http://www.host1.com/
ProxyPassReverse / http://www.host2.com/

it will do the trick.

Regards,

-- 
Charles Goyard - [EMAIL PROTECTED] - (+33) 1 45 38 01 31
Orange Business Services - online multimedia  // ingénierie

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] mod_proxy not handling redirects correctly

[Axel-Stephane SMORGRAV]

You need  

ServerName www.mysite.com
ProxyPassReverse / http://www.host1.com/
ProxyPassReverse / http://www.host2.com/

What ProxyPassReverse does is simply rewriting the Location headers that match 
the second argument:

If the Location header of the HTTP 30[12] (redirect) starts with 
http://www.host1.com/, it will be rewritten to http://www.mysite.com/.
If the Location header of the HTTP 30[12] (redirect) starts with 
http://www.host2.com/, it will be rewritten to http://www.mysite.com/ as well.


-ascs
 
-Message d'origine-
De : Dani Pardo [mailto:[EMAIL PROTECTED] 
Envoyé : jeudi 24 janvier 2008 15:05
À : users@httpd.apache.org
Objet : [EMAIL PROTECTED] mod_proxy not handling redirects correctly


 Hi all, I have an environment in which I reverse proxy some servers depending 
on the value of a cookie, that is:

RewriteCond %{HTTP_COOKIE} ^.*destination_host=host1.*$
RewriteRule (.+) http://www.host1.com$1 [P]
RewriteCond %{HTTP_COOKIE} ^.*destination_host=host2.*$
RewriteRule (.+) http://www.host2.com$1 [P]

 The idea is that I reverse proxy everything to either www.host1.com or 
www.host2.com depending on the value of the cookie "destination_host".
 That's working correctly at the moment, the problem comes when the target 
(host1 or host2) sends a redirect, which doesn't get reverse proxied, and thus 
the browser goes directly to www.host1.com or www.host2.com.
  I could add

ProxyPassReverse / http://www.host1.com

 Which will adapt the response of the redirect, but I need this rule to depend 
also on the value of the cookie "destination_host".
 The question is, is there any way to ProxyPassReverse depending on the value 
of a cookie? Or should it be done automatically by mod_rewrite with [P]? If so, 
is it a bug, or am I just doing something wrong?

  Any clue appreciated,

--
Dani

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] mod_proxy not handling redirects correctly

[Dani Pardo]

On Jan 24, 2008 3:24 PM, Axel-Stephane  SMORGRAV
<[EMAIL PROTECTED]> wrote:
> You need
>
> ServerName www.mysite.com
> ProxyPassReverse / http://www.host1.com/
> ProxyPassReverse / http://www.host2.com/
>
> What ProxyPassReverse does is simply rewriting the Location headers that 
> match the second argument:
>
> If the Location header of the HTTP 30[12] (redirect) starts with 
> http://www.host1.com/, it will be rewritten to http://www.mysite.com/.
> If the Location header of the HTTP 30[12] (redirect) starts with 
> http://www.host2.com/, it will be rewritten to http://www.mysite.com/ as well.
>

 Thanks very much, that worked fine. I had the wrong concept about
ProxyPassReverse, now I see how it works.

--
Dani

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Re: PerlSetEnv in .htaccess ?

[Dragon]

abhishek jain wrote:

On second thoughts is there a method by which i can execute some 
piece of code to execute even before my scripts are called, remember 
i am on a shared host,

abhi

 End original message. -

Child Perl programs inherit the environment of their parent, so 
setting the variable in a wrapper before calling the other script would work.


The best way is to get your hosting provider to help you set what you 
need in the main httpd.conf but if they won't do that, this will work.




Dragon

~~~
 Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)
~~~


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Page faults on Windows

[Daniel Barrett]

Our Apache 2.2 server, running on Windows 2003 Server, generates massive
numbers of page faults. Every web page hit generates 3000 page faults or
more;   Is this normal?  If not, any suggestions for which settings to
tweak first?

The httpd.conf file hasn't been changed much from the default.  I'll be
happy to post it if that helps.

There is plenty of RAM (2 gigabytes).  It's a VMware virtual machine if
that matters.

Also, the only web application on the machine is MediaWiki (version
1.11.0).

Thanks for any advice.

DanB

[EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[paredes]

Greetings!

I've successfully built apache2.2.8 with all the appropriate modules 
[mod_authn*, mod_authz*, mod_dbd*, mod_ldap* etc etc] for ldap & mysql 
support. An ldap [valid-user] protected area works fine. A mysql 
[valid-user] protected area works fine. A mysql [require-dbd-group] 
group protected area works fine.


However,  when I use the "AuthBasicProvider ldap dbd" directive to 
protect an area with ldap "failing through" to mysql the fall through 
never occurs. Authentication / authorization seemingly gets "stuck" on 
the first AuthBasicProvider argument. The 2nd argument is always ignored.


I explored this further by setting up a truth table where the 
AuthBasicProvider arguments were swapped, the AuthLDAPURL & 
AuthDBDUserPWQuery order were swapped,  AuthzLDAPAuthoritative on/off 
was toggled, & AuthBasicAuthoritative on/off was toggled. In all cases 
the results indicate that only the 1st AuthBasicProvider argument gets 
read while the 2nd is ignored.


I'm building apache with mod_dbd_mysql.c copied from apr-util-1.2.12 
into httpd-2.2.8/srclib/apr-util/dbd


This is the configure I used:

CFLAGS='-DHAVE_MYSQL_H -I/usr/local/mysql/include 
-L/usr/local/mysql/lib' ./configure --with-apr=/usr/local/apr  
--with-apr-util=/usr/local/apr-util --enable-mods-shared=most 
--enable-ldap --enable-authnz-ldap --enable-deflate  --disable-userdir  
--disable-cgi  --disable-cgd --disable-auth-anon --disable-auth-dbm 
--disable-expires --disable-headers --disable-status --disable-dav 
--disable-dav-fs --disable-vhost-alias --disable-speling 
--disable-rewrite --disable-ext-filter --enable-authn-alias


I then compiled mod_authz_dbd  with "apxs -c -i -a mod_authz_dbd.c 
mod_authz_dbd.h"


This is the directory in question:


Options FollowSymLinks
AllowOverride None
AuthType Basic
AuthName "ldap2mysql"
AuthBasicProvider ldap dbd
AuthzLDAPAuthoritative off
AuthLDAPURL "ldap://ourldapserver/ou=people . . ."
AuthBasicAuthoritative on
AuthDBDUserPWQuery "SELECT password FROM mysqlauth WHERE user=%s"
Require valid-user


The mysql general.log and local.err logs show that a dbd connection is 
not made. The apache error logs [debug] show that only LDAP connects. 
[likewise, if dbd is the 1st provider only mysql shows a connection but 
not ldap.]


Even though I know that the modules were refactored to prevent load 
order from being an issue, I've just started to systematically change 
the module load order so that all the ldap modules come before the dbd 
modules but this has not resolved the issue . Our existing education 
server which I'd like to upgrade from apache 2.0.58 uses mod_auth_mysql 
and it requires a specific load order in order to work with apache's 
built in ldap.


Can anyone give me  a hint  on the next step I should take in 
troubleshooting?


Regards,

Bill Paredes
Computer Based Education
Albert Einstein College of Medicine


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] jk_mod switching URLs?

[Hehl, Thomas]

I have httpd running on a Redhat 3 box as a load balancer to two other
redhat servers in a tomcat 6.0 cluster. 

 

If I connect directly to one of the cluster servers, I can test my
application with no issues. When I go to the load balancer and run the same
test, I can log on and click on one link, but when I click on the second
link, it changes the URL from
http://loadserver/myapp/do/workflogMgr?flowName=personalInfo
  to
http://loadserver/myapp/myapp/index.html
  and throws a 404 since
myapp/myapp isn't valid.

 

Here is the information in access_log in httpd/logs:

 

192.168.205.58 - - [14/Jan/2008:15:07:14 -0500] "GET
/myapp/do/workflowMgr?flowName=personalInfo HTTP/1.1" 404 1015
"http://lexlinux7/myapp/do/login"; "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11"

 

JKMount /myapp* myapp

 

Does anyone have any ideas as to what might be causing this issue?

 

Thanks.

Thom Hehl
Sr. eJuror Architect

* Office (859) 277-8800 x 144

* [EMAIL PROTECTED]   
ACS, Inc.

Government Solutions

1733 Harrodsburg Road
Lexington, KY 40504-3617

This e-mail message, including any attachments, is for the sole use of the
intended recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the sender
by reply e-mail and destroy all copies of the original message and notify
sender via e-mail at [EMAIL PROTECTED]
  or by telephone at 859-277-8800 ext. 144.
Thank you.

 

Re: [EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[Eric Covener]

On Jan 24, 2008 2:22 PM, paredes <[EMAIL PROTECTED]> wrote:
> Greetings!
>
> I've successfully built apache2.2.8 with all the appropriate modules
> [mod_authn*, mod_authz*, mod_dbd*, mod_ldap* etc etc] for ldap & mysql
> support. An ldap [valid-user] protected area works fine. A mysql
> [valid-user] protected area works fine. A mysql [require-dbd-group]
> group protected area works fine.
>
> However,  when I use the "AuthBasicProvider ldap dbd" directive to
> protect an area with ldap "failing through" to mysql the fall through
> never occurs. Authentication / authorization seemingly gets "stuck" on
> the first AuthBasicProvider argument. The 2nd argument is always ignored.

When you're testing the two AuthBasicProvider's, are they both hitting
their respective "user not found" case?

For LDAP, this is normally not being able to convert the basic auth
username into a DN on the LDAP server.

If for some reason your testcase has some kind of later authn failure,
it might result in the modules telling mod_auth_basic "yes, i'm
supposed to handle this but it's a bad userid".

-- 
Eric Covener
[EMAIL PROTECTED]

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Mass virtual host

[Lukáš Fendrych]

 

Hello there!

I using dynamic mass virtual host (one virtual host record in config,
mod_rewrite). I thinking what is the best for mass virtual host?   One
record = one domain or one record = all domains? For 100+ domains? Thanks
for yours ideas.

Re: [EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[Eric Covener]

On Jan 24, 2008 2:39 PM, Eric Covener <[EMAIL PROTECTED]> wrote:
> For LDAP, this is normally not being able to convert the basic auth
> username into a DN on the LDAP server.

I just verified that on 2.2.8 mod_authnz_ldap "gets out of the way"
for authentication when it's first and can't lookup a userid.

-- 
Eric Covener
[EMAIL PROTECTED]

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[paredes]

Hi!

Only the 1st provider hits and returns "user not found" or "password 
mismatch". The 2nd provider is never seen. I had expected to see some 
type of error related to the 2nd provider. In the case where I use 
"AuthBasicProvider ldap dbd" & provide a valid ldap user:password the 
logs show ldap correctly authenticating/authorizing. When I provide a 
valid mysql only user:password, the logs show that ldap fails but no 
other action is taken.


When the arguments are reversed, and a valid mysql user:password is 
presented the logs shows a hit with mysql correctly authenticating. But 
when I provide an ldap only user:password the logs show mysql correctly 
rejecting the user but no ldap activity.


Regards,
-bill



Eric Covener wrote:

On Jan 24, 2008 2:22 PM, paredes <[EMAIL PROTECTED]> wrote:
  

Greetings!

I've successfully built apache2.2.8 with all the appropriate modules
[mod_authn*, mod_authz*, mod_dbd*, mod_ldap* etc etc] for ldap & mysql
support. An ldap [valid-user] protected area works fine. A mysql
[valid-user] protected area works fine. A mysql [require-dbd-group]
group protected area works fine.

However,  when I use the "AuthBasicProvider ldap dbd" directive to
protect an area with ldap "failing through" to mysql the fall through
never occurs. Authentication / authorization seemingly gets "stuck" on
the first AuthBasicProvider argument. The 2nd argument is always ignored.



When you're testing the two AuthBasicProvider's, are they both hitting
their respective "user not found" case?

For LDAP, this is normally not being able to convert the basic auth
username into a DN on the LDAP server.

If for some reason your testcase has some kind of later authn failure,
it might result in the modules telling mod_auth_basic "yes, i'm
supposed to handle this but it's a bad userid".

  



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[Eric Covener]

On Jan 24, 2008 3:13 PM, paredes <[EMAIL PROTECTED]> wrote:
> Hi!
>
> Only the 1st provider hits and returns "user not found" or "password
> mismatch". The 2nd provider is never seen. I had expected to see some
> type of error related to the 2nd provider. In the case where I use
> "AuthBasicProvider ldap dbd" & provide a valid ldap user:password the
> logs show ldap correctly authenticating/authorizing. When I provide a
> valid mysql only user:password, the logs show that ldap fails but no
> other action is taken.
>
> When the arguments are reversed, and a valid mysql user:password is
> presented the logs shows a hit with mysql correctly authenticating. But
> when I provide an ldap only user:password the logs show mysql correctly
> rejecting the user but no ldap activity.
>

Can you try LDAP and File (as in htpasswd -c ...)?  This worked for me
in both directions.


-- 
Eric Covener
[EMAIL PROTECTED]

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[paredes]

I shudder to think about doing this for 720 medical students, some 1200 
house staff, another 1000 or so affiliated faculty. However, being that 
you mention "file" below, it's worth exploring if I can set up 
AuthBasicProvider with a null or empty file [AuthBasicProvider file ldap 
dbd] so that ldap and dbd are not 1st on the list.


Thanks,
-bill


Eric Covener wrote:

On Jan 24, 2008 3:13 PM, paredes <[EMAIL PROTECTED]> wrote:
  

Hi!

Only the 1st provider hits and returns "user not found" or "password
mismatch". The 2nd provider is never seen. I had expected to see some
type of error related to the 2nd provider. In the case where I use
"AuthBasicProvider ldap dbd" & provide a valid ldap user:password the
logs show ldap correctly authenticating/authorizing. When I provide a
valid mysql only user:password, the logs show that ldap fails but no
other action is taken.

When the arguments are reversed, and a valid mysql user:password is
presented the logs shows a hit with mysql correctly authenticating. But
when I provide an ldap only user:password the logs show mysql correctly
rejecting the user but no ldap activity.




Can you try LDAP and File (as in htpasswd -c ...)?  This worked for me
in both directions.


  


On Jan 24, 2008 2:39 PM, Eric Covener <[EMAIL PROTECTED]> wrote:


> For LDAP, this is normally not being able to convert the basic auth
> username into a DN on the LDAP server.
  


I just verified that on 2.2.8 mod_authnz_ldap "gets out of the way"
for authentication when it's first and can't lookup a userid.

-- Eric Covener [EMAIL PROTECTED]


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[Eric Covener]

On Jan 24, 2008 3:36 PM, paredes <[EMAIL PROTECTED]> wrote:
> I shudder to think about doing this for 720 medical students, some 1200
> house staff, another 1000 or so affiliated faculty. However, being that
> you mention "file" below, it's worth exploring if I can set up
> AuthBasicProvider with a null or empty file [AuthBasicProvider file ldap
> dbd] so that ldap and dbd are not 1st on the list.

I only meant for debugging purposes...


-- 
Eric Covener
[EMAIL PROTECTED]

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Debugging

[Hehl, Thomas]

I'm on the latest version of httpd 2.0. Is there a way to turn debugging on
so I can get extended logging information?

 

Thanks.

 

Thom Hehl
Sr. eJuror Architect

* Office (859) 277-8800 x 144

* [EMAIL PROTECTED]   
ACS, Inc.

Government Solutions

1733 Harrodsburg Road
Lexington, KY 40504-3617

This e-mail message, including any attachments, is for the sole use of the
intended recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the sender
by reply e-mail and destroy all copies of the original message and notify
sender via e-mail at [EMAIL PROTECTED]
  or by telephone at 859-277-8800 ext. 144.
Thank you.

 

[EMAIL PROTECTED] Compiling Apache with mod_proxy_html

[Al Sparks]

I'm trying to get apache 2.0.61 working.

I use the following configure parameters:

 ./configure
   --enable-deflate \
   --enable-headers \
   --enable-proxy \
   --enable-proxy-connect \
   --enable-proxy-http \
   --enable-rewrite \
   --enable-so \
   --enable-ssl


Do a "make" and "make install", but when I attempt to start it, I get:

  $ apachectl startssl
  Syntax error on line 238 of /usr/local/apache2/conf/httpd.conf:
  Cannot load /usr/local/apache2/modules/mod_proxy_html.so into server: 
/usr/local/apache2/modules/mod_proxy_html.so: cannot open shared object file: 
No such file or directory

 $ httpd -l
 Compiled in modules:
  core.c
  mod_access.c
  mod_auth.c
  mod_include.c
  mod_deflate.c
  mod_log_config.c
  mod_env.c
  mod_headers.c
  mod_setenvif.c
  mod_proxy.c
  proxy_connect.c
  proxy_ftp.c
  proxy_http.c
  mod_ssl.c
  prefork.c
  http_core.c
  mod_mime.c
  mod_status.c
  mod_autoindex.c
  mod_asis.c
  mod_cgi.c
  mod_negotiation.c
  mod_dir.c
  mod_imap.c
  mod_actions.c
  mod_userdir.c
  mod_alias.c
  mod_rewrite.c
  mod_so.c

Note that mod_proxy is compiled in.  What am I missing?
   === Al



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] AuthBasicProvider ldap dbd not failing through

[paredes]

Hi!

It was an interesting experiment. You're correct. "AuthBasicProvider 
file ldap", or "ldap file" or "file dbd" or "dbd file" either 
authenticate or fail through correctly. Looks like ldap and dbd can't 
co-exist at least as apache 2.2.8.


Regards,
-bill


Eric Covener wrote:

On Jan 24, 2008 3:36 PM, paredes <[EMAIL PROTECTED]> wrote:
  

I shudder to think about doing this for 720 medical students, some 1200
house staff, another 1000 or so affiliated faculty. However, being that
you mention "file" below, it's worth exploring if I can set up
AuthBasicProvider with a null or empty file [AuthBasicProvider file ldap
dbd] so that ldap and dbd are not 1st on the list.



I only meant for debugging purposes...


  



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Can Apache Proxy server to proxy the HTTP requests to the backend HTTPS/SSL server?

[Qingshan Xie]

Dear Friends, 

   We configured a HTTPS proxy server successfully to server the HTTPS 
requests.  However, we also want to configure a HTTP proxy server to handle the 
HTTP requests but proxy the HTTP requests to the backend SSL(or HTTPS) server.  
The request flow is as below, 

HTTP request ==> proxy server ==> HTTPS( or SSL) server?

Can Apache proxy do it?  Please help.

Many Thanks, 
Q.Xie




  

Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Compiling Apache with mod_proxy_html

[Al Sparks]

I got it figured out.  For some reason or other, I didn't realize that
mod_proxy_html is a 3rd party module that needs to be compiled with
apxs.
   === Al

- Original Message 
From: Al Sparks <[EMAIL PROTECTED]>
To: Apache Users 
Sent: Thursday, January 24, 2008 11:48:23 AM
Subject: [EMAIL PROTECTED] Compiling Apache with mod_proxy_html


I'm trying to get apache 2.0.61 working.

I use the following configure parameters:

 ./configure
   --enable-deflate \
   --enable-headers \
   --enable-proxy \
   --enable-proxy-connect \
   --enable-proxy-http \
   --enable-rewrite \
   --enable-so \
   --enable-ssl


Do a "make" and "make install", but when I attempt to start it, I get:

  $ apachectl startssl
  Syntax error on line 238 of /usr/local/apache2/conf/httpd.conf:
  Cannot load /usr/local/apache2/modules/mod_proxy_html.so into server:
 /usr/local/apache2/modules/mod_proxy_html.so: cannot open shared
 object file: No such file or directory

 $ httpd -l
 Compiled in modules:
  core.c
  mod_access.c
  mod_auth.c
  mod_include.c
  mod_deflate.c
  mod_log_config.c
  mod_env.c
  mod_headers.c
  mod_setenvif.c
  mod_proxy.c
  proxy_connect.c
  proxy_ftp.c
  proxy_http.c
  mod_ssl.c
  prefork.c
  http_core.c
  mod_mime.c
  mod_status.c
  mod_autoindex.c
  mod_asis.c
  mod_cgi.c
  mod_negotiation.c
  mod_dir.c
  mod_imap.c
  mod_actions.c
  mod_userdir.c
  mod_alias.c
  mod_rewrite.c
  mod_so.c

Note that mod_proxy is compiled in.  What am I missing?
   === Al



-
The official User-To-User support forum of the Apache HTTP Server
 Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Dynamic text-file created by PHP

[Kent Larsson]

Hi,

I want to create a dynamic textfile using PHP for each request of it. If the
users asks for http://server/textfile.txt I want a PHP-script to execute and
serve the textual data completely transparent to the user. This is a "single
case" so associating all txt-files with PHP is not what I would like to do.

Which method would be the cleanest to use in this case? It's not a complex
rewrite.


Best regards,
Kent