RE: [us...@httpd] Finally resolved: RHEL5, Apache 2.2.15, mod_authnz_ldap.c -- applies to Solaris, too

This doesn't apply only to RHEL5. Add "--with-ldap-lib=/lib and --with-ldap-include=/include" if you want to use OpenLDAP instead of the Solaris LDAP SDK. On Solaris, if you omit these options, the configure script for apr-util will pick up the Solaris LDAP SDK. > -Original Message- > Fr

Re: [us...@httpd] mod_authnz_ldap AuthLDAPURL problem

On Thu, Mar 18, 2010 at 1:25 PM, wrote: > Hi, > > when I use the following AuthLDAPURL > > "ldap://adserver/ou=city1,dc=abc,dc=com?sAMAccountName?sub?(&(objectClass=user)(!(objectClass=computer)))" > NONE > > I can authenticate any user in "ou" city1. > > If I replace the AuthLDPAURL by > > "lda

[us...@httpd] mod_authnz_ldap AuthLDAPURL problem

Hi, when I use the following AuthLDAPURL "ldap://adserver/ou=city1,dc=abc,dc=com?sAMAccountName?sub?(&(objectClass=user)(!(objectClass=computer)))" NONE I can authenticate any user in "ou" city1. If I replace the AuthLDPAURL by "ldap://adserver/dc=abc,dc=com?sAMAccountName?sub?(&(objectClass

[us...@httpd] Securing some URLs at my Reverse Proxy

I've got a reverse proxy setup using httpd 2.2.8 (on Windoze) on both the rev proxy and the internal (origin) server, along with Tomcat on the origin server with a couple webapps (as .war files) supporting the site. Most of the application is at or near the root (/) of the origin server (/inde

Re: [us...@httpd] Is web server in front of app server necessary?

Thanks. We have our webservers only for the reason that we don't want to have our application servers directly exposed to the internet clients. William made a very good point of having 2 parsers makes it more secure. On Thu, Mar 18, 2010 at 7:58 AM, Mark H. Wood wrote: > Well, another possible ad

[us...@httpd] How to validate the subjectAltName?

Hi, I need to grant access only to some clients that have a specific info in the subjectAltName. I know how to check the name inside the client cert: e.g. SSLRequire ( %{SSL_CLIENT_S_DN_CN} eq "John Smith" ) How to do the same in the subjectAltName? Thanks, Andre -- View this message in con

Re: [us...@httpd] Is web server in front of app server necessary?

Well, another possible advantage is that there are oodles of mod_this, mod_that for HTTPD, which implement all manner of extensions and modifications that people have found useful. You may want some of those extensions or modifications. I haven't seen nearly as many such add-ons for Tomcat. It m

Re: [us...@httpd] mod_fcgid question

Jeff Trawick schrieb: > On Thu, Mar 18, 2010 at 8:22 AM, Matthias Leopold wrote: >> hi, >> >> i'm using mod_fcgid to run php as a suexec cgi on a debian lenny system. >> mod_fcgid version is 2.2 (from debian). although everything seems to >> work basically i'm seeing lines like this >> >> [warn] m

Re: [us...@httpd] mod_fcgid question

On Thu, Mar 18, 2010 at 8:22 AM, Matthias Leopold wrote: > hi, > > i'm using mod_fcgid to run php as a suexec cgi on a debian lenny system. > mod_fcgid version is 2.2 (from debian). although everything seems to > work basically i'm seeing lines like this > > [warn] mod_fcgid: stderr: Cache unable

Re: [us...@httpd] mod_fcgid question

On 03/18/2010 05:52 PM, Matthias Leopold wrote: hi, i'm using mod_fcgid to run php as a suexec cgi on a debian lenny system. mod_fcgid version is 2.2 (from debian). although everything seems to work basically i'm seeing lines like this [warn] mod_fcgid: stderr: Cache unable to open file for wri

[us...@httpd] mod_fcgid question

hi, i'm using mod_fcgid to run php as a suexec cgi on a debian lenny system. mod_fcgid version is 2.2 (from debian). although everything seems to work basically i'm seeing lines like this [warn] mod_fcgid: stderr: Cache unable to open file for writing: cache/956287ab2d93bc91ee48c8b4204c93f1 in a

Re: [us...@httpd] Re: Apache proxy based on condition

I tried this, with no luck. The good part is that the proxy will be always reverse, so it is easy to accomplish only with mod_rewrite. --- On Thu, 3/18/10, Nick Kew wrote: From: Nick Kew Subject: Re: [us...@httpd] Re: Apache proxy based on condition To: users@httpd.apache.org Date: Thursday,

Re: [us...@httpd] Exiting process doesn't trigger ErrorDocument 500

On 16 Mar 2010, at 21:00, ARTHUR GOLDBERG wrote: > Is there a way to configure this, or another way to provide some error output > to a browser that sent a Request that caused the server process to die? Error 500 is totally different to server dying. If you could bail out without dying (soft

Re: [us...@httpd] Re: Apache proxy based on condition

On 15 Mar 2010, at 19:42, alin vasile wrote: > Hi All, > >I am configuring a reverse proxy with Apache 2.2 and I need for certain > conditions to make a request to another proxy. Presumably this other proxy is a forward proxy? If it's a reverse proxy you don't need to do anything. > For

Re: [us...@httpd] configure one file with multiple mime types?

On 16 Mar 2010, at 00:00, Jack Bates wrote: > How can I configure one file with multiple mime types? Use mod_negotiation. -- Nick Kew - The official User-To-User support forum of the Apache HTTP Server Project. See http://htt

Re: [us...@httpd] PHP 4 and 5

On Thu, 18 Mar 2010 06:50:00 +0530 Nilesh Govindarajan wrote: > On 03/18/2010 03:24 AM, Bob Cohen wrote: > > Is is possible to run php4 and 5 on the same apache server? > > > > Bob > Use mod_fcgid or mod_fastcgi. Both will do. Lot of stuff is in > Google. Search ! > yes, or you can use one php