hi there,
well, i just wanted to write this and let you know what i'm
up to, and also cos i feel like celebrating a bit, i thought
i'd share news on what's been happening with xvl.
i started on xvl eight months ago, it's now what i think raph
levien wanted mod_virgule (running advogato.org) to become,
if you read his release notes.
i'd been meaning to adopt APR lib for quite a while. due to
xvl's origins, as an apache module, i had clearly been thinking
about it far, far longer than it actually took to _do_ the
conversion, which has been about... 4 hours, total, so far
(still have to do apr_lock_xxx(), signals, and also
help with apr_namedpipe_xxx so i can use it :)
were there any problems with using the latest cvs of APR??
urrr.... nope! [great work guys! love it! :)]
when i mentioned xvl on new-httpd 1-month-back, someone there
said, errr, welll... why does xvl have its own authentication?
why not use mod_auth_xxx? well, the reason was because,
and mod_virgule still does, *completely* take over the
handling of a Directory or VirtualHost. and i mean *everything*.
so you lost .htaccess, mime-types, all other mod_xxxes -
_evverrything_.
well, i decided about three days ago that this wasn't good enough,
so... well... it's good enough for me, now, and as a result,
xvl is now a 'registered mime type', _and_, hee hee, i
cut/paste mod_auth and now have mod_auth_xvl. which reminds me.
@begin Official Notice:
Copyright and ownership of the file mod_auth_xvl.c is hereby
assigned unconditionally to the Apache Software Foundation.
[presumably for them to release under the Apache License.]
I'd appreciate it if authorship could remain
'Luke Kenneth Casson Leighton'.
@end Official Notice
i'll do the same for mod_access_xvl when i do it, probly
this w/e.
btw, whoever wrote those two files, mod_auth.c and mod_access.c,
and whoever designed the apache architecture that made it
a trivial, *trivial* task to create different authentication
and access systems in about 3 hours flat... WELL DONE!
i danced round the room a bit when i got my first HTTP
Basic authorization... and danced some more when i got
an authorization failure :) :)
mod_auth_xvl.c doesn't support groups, yet, because... well,
i _did_ put groups into an example xvl codebase, once, but
they turned out to be a bit difficult to conceptually follow
[hey, i'd like to be a member of this group, but not that
one. so i Certify myself as a member of a group, and then
other people - the Admins for the group and all cascading
members from them via the Trust Metric Evaluation - must also
Certify me as a member of the group??? whoo, hooo :) ].
once i have a clear, CLEAR way to think about groups, i'll
add them. at the moment, they're not exactly needed. but
then again, the whole point of xvl - not that it's limited
to it, it's way, way more - is to be a Community Forum Engine
and Document Manipulation Engine.
...but think about it. you want a php page to only be accessed
by a Certified Apprentice-or-above? no problem, just put a section
in httpd.conf or .htaccess:
<XvlDbAccess>
XvlDb /usr/local/virgule
Type AdvogatoDeveloper
MinLevel Apprentice
Seeds raph alan miguel
</XvlDbAccess>
wow, big deal. the only thing you lose by doing this
is flexibility: you can't do individual sub-sections
of pages, like you can with .xvl filetypes, but it's
better than nothing at all, which is the present
situation :) :)
anyway, onward with development-related questions that i hope
you might be able to answer.
1) where can anyone think of appropriate places to do
release notification of xvl? i mean, there's python.org's
announce list, but that's for python. where the heck do
i do a release notification of a new scripting language,
for pity's sake? :) :)
2) during my experimentation with httpd.conf and mod_xvl
and mod_auth_xvl, i came across a bug/problem.
mod_xvl has a directive XvlDb /usr/local/virgule which is
the site database directory location.
mod_auth_xvl needs to read this same directory, but not
necessarily so: you could specify a different XvlDb
directive.
so, what did i do? i added the directive XvlDb to mod_auth_xvl
too - same name, cut/paste code job, in fact.
what happened? apache crashed on every page access.
it seems that it doesn't like two modules having the same
directive names.
so, *groan*, i had to rename the mod_auth_xvl Directive
to AuthXvlDb. which doesn't make me very happy.
how, inside another apache module, if this Directive AuthXvlDb
doesn't exist, do i 'obtain' the string associated with the
Directive named XvlDb which that module _won't_ be responsible
for?
the answer is probably very simple, i just don't know it :)
3) is there anyone out there who is willing to do a code review?
it's only 16,000 LOC. however, i'm a little concerned
that, by using the APR architecture, i may have missed something.
4) anyone out there willing to get involved with this project,
help out developing it - which to be honest i would rather
was a pruning job of *removing* as much code as possible!
LESS IS MORE! :)
anyway.
basically, i'm really enjoying this little project. the
only thing that makes me slightly nervous is that it's,
well... new! new means 'warts'. surprisingly, new _doesn't_
mean 'unstable', here. but i added the dso-loading
(apr_dso_load YESSS :) to help with that, so people can
Roll Their Own, basically.
i added support for <xincludes> and XSL / Transform,
thanks to daniel veillard's advice (and excellent work)
as a result, but even then, you still need xvl as a
'launch' platform because XSLT needs *two* files as input
*and* a table of input-params in order to generate output.
whoopsie :)
all best,
luke
