Re: [users@httpd] httpd reverse proxy pass username per http_header

[Thomas Peter]

Hi,

I just found

http://serverfault.com/questions/207301/get-the-authenticated-user-under-apache

which suggests:

RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set X-Remote-User "%{RU}e" env=RU

And that exactly does the trick.

KR
Thomas



On 2015-01-18 17:29, Thomas Peter wrote:

Hi,

I'm trying to put httpd as reverse-proxy in front of a third party
java application (running in tomcat) to handle authentication in
httpd.
The thirdparty app claims to be able to accept the user (that is
authenticated before it hits the app) via http header (I can configure
the http variable where the username is stored.)

Is it possible to pass the username via http_header using httpd?
Out of the box I only found authorization which is base64 encoded
username:password

Thanks!

KR
Thomas

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Re: cross-compiled httpd 2.4.9: Segmentation fault. 0x403428ec in pthread_mutex_lock () from /lib/libc.so.0

[Alex Potapenko]

I managed to solve this myself. It turns out that whenever you link a
binary against libdb, you must also explicitly link it against libpthread,
even though libdb is linked against libpthread itself. Otherwise -
segfault. A target/uClibc/toolchain peculiarity? Very odd, but at least
apache works now.

2015-01-15 15:28 GMT+02:00 Alex Potapenko :

> Dear all!
>
> I'm trying to get httpd to work on my router using optware. I added
> optware target with the same toolchain used to build router's firmware.
> While numerous packages I built so far work fine, launching any binary that
> comes with httpd results in a segfault:
>
> root@unknown:/tmp/home/root# gdb /opt/sbin/httpd
>> GNU gdb (GDB) 7.8.1
>> Copyright (C) 2014 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later <
>> http://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
>> and "show warranty" for details.
>> This GDB was configured as "arm-linux".
>> Type "show configuration" for configuration details.
>> For bug reporting instructions, please see:
>> .
>> Find the GDB manual and other documentation resources online at:
>> .
>> For help, type "help".
>> Type "apropos word" to search for commands related to "word"...
>> Reading symbols from /opt/sbin/httpd...done.
>> (gdb) run -d
>> Starting program: /opt/sbin/httpd -d
>> [Thread debugging using libthread_db enabled]
>> Using host libthread_db library "/opt/lib/libthread_db.so.1".
>> Program received signal SIGSEGV, Segmentation fault.
>> 0x403428ec in pthread_mutex_lock () from /opt/lib/libc.so.0
>> (gdb) bt full
>> #0  0x403428ec in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #1  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #2  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #3  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #4  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #5  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #6  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #7  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #8  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #9  0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #10 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #11 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #12 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #13 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #14 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #15 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #16 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #17 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #18 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #19 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #20 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #21 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #22 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> #23 0x40342910 in pthread_mutex_lock () from /opt/lib/libc.so.0
>> No symbol table info available.
>> ---Type  to continue, or q  to quit---q
>> Quit
>> (gdb) info sharedlibrary
>> FromTo  Syms Read   Shared Object Library
>> 0x40019930  0x4001ce90  Yes (*) /lib/ld-uClibc.so.0
>> 0x401bbd1c  0x401db6c8  Yes /opt/lib/libpcre.so.1
>> 0x40129524  0x4013f1e4  Yes /opt/lib/libaprutil.so.0
>> 0x4014bdb8  0x4014eba0  Yes /opt/lib/libgdbm.so.3
>> 0x400ca11c  0x400e6034  Yes /opt/lib/libexpat.so.1
>> 0x401e7118  0x401fb040  Yes /opt/lib/libiconv.so.2
>> 0x40161170  0x4017b60c  Yes /opt/lib/libapr.so.0
>> 0x4018709c  0x401891bc  Yes /opt/lib/libuuid.so.1
>> 0x40192620  0x40192a94  Yes (*) /opt/lib/librt.so.0
>> 0x4019d31c  0x401a9cf8  Yes /opt/lib/libm.so.0
>> 0x402cc4ac  0x402cd

[users@httpd] Proxy pass

[Chris Arnold]

Apache 2.4.10. This use to work: a request from https://share.domain.tld would 
find our Apache server. Apache would pass it to the tomcat app running on the 
same server port 8443. Since going to Apache 2.4.10, this no longer works. Here 
is the vhost:

This rewrites https://share.anydomain.tld to our 
share server
 RewriteEngine On
 RewriteCond %{HTTP_HOST} ^share\.
 RewriteCond %{HTTPS} on
 RewriteCond %{REQUEST_URI} !^/share/
 RewriteRule ^/(.*) https://share.domain.tld:8443/share/ [P]

Is there something extra for this to work on Apache 2.4.10?

Sent from my iPhone

Re: [users@httpd] Proxy pass

[Eric Covener]

On Mon, Jan 19, 2015 at 2:33 PM, Chris Arnold
 wrote:
> Is there something extra for this to work on Apache 2.4.10?

Compared to what previous level?  LogLevel rewrite:trace8 and the
error log would be a big help.

-- 
Eric Covener
cove...@gmail.com

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Not Listening on 443

[Rich Bowen]

On 01/16/2015 11:12 PM, Chris Arnold wrote:


 



One of these defines isn't set.


Where should it be set? The SSL VHost has
  
  
VHost info...
..
  
  
-


Personally, I'd drop all of those IfDefine containers. You know you want 
to run SSL, so there's no point checking various Defines. This will also 
very quickly expose if some prerequisite (like mod_ssl, for example) is 
missing.



--
Rich Bowen - rbo...@rcbowen.com - @rbowen
http://apachecon.com/ - @apachecon

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] RewriteMap values including query strings

[Doug Strick]

I'm working on adding some 301 redirects for some sites we're migrating.
I've been given a large list of 1:1 redirects.  The majority of URLs
include a query string.  I've included the the full 1:1 URL mapping list in
my redirect map text file.  I'm finding issues when testing the URLs that
contain query strings.  I've tried reading the documentation on RewriteMap
and I'm guessing it just doesn't go deep enough to include 1:1 mappings for
query strings.  Below are some example URLs in my rewrite map file.  Any
suggestions on how I should set up my redirects to account for all of them
in 1 rewrite map file?  I'm ok with using different rewrite rule blocks in
my configs, but would prefer not to have to break up this map list as it's
almost 15K lines.  Thanks


http://www.example.com/ --> http://www.test.com/us/en/main.html
http://www.example.com/?ps=1 --> http://www.test.com/us/en/main.html
http://www.example.com/browse.cfm?prdID=99ABCDE-88FG-77HI--66JKLMNOP -->
http://www.test.com/shop/catalog/item/12345
http://www.example.com/pdfs/iteam-A.pdf -->
http://www.test.com/shop/catalog/item/112233
http://www.example.com/Products/View.cfm?cat=ItemClass&ID=0123ABC -->
http://www.test.com/us/en/main/category1/subcategory1/productDetail.html
http://www.example.com/previews/?d=7788 -->
http://www.test.com/us/en/main/category1/subcategory2/productDetail.html
http://www.example.com/Products/Search.cfm?prdID=88900ABCDEF-77GH-66IJ-55KLMNOP
--> http://www.test.com/us/en/main/category1/subcategory2/productDetail.html

[users@httpd] Apache Not Starting

[Chris Arnold]

Apache 2.4.10. I am having 1 heck of a time getting 2.4.10 working. Now, apache 
is not starting:


sudo systemctl start apache2.service
Job for apache2.service failed. See "systemctl status apache2.service" and 
"journalctl -xn" for details.
webtest:~ # systemctl status apache2.service -l
apache2.service - The Apache Webserver
   Loaded: loaded (/usr/lib/systemd/system/apache2.service; enabled)
   Active: failed (Result: exit-code)


The apache log says httpd not running (no pid). I looked in the messages logs 
and that says the same thing. The last thing i did was generate a self-signed 
cert using:


httpd.apache.org/docs/2.4/ssl/ssl_faq.html#selfcert


Apache would start before i did this. Where else can i see more descriptive 
logs?