Can we please make sure these make it to gui-dev? Other people need to see this discussion.
> > > But I maybe you didn't got my concern here. I will explain. > > > As I understand it you have the configuration variables in memory, > > > but how do they go into Apache for configuration?? > > > As you know, Apache is written in the C-language. Or do you want to > > > go for the option where your configuration tool write in a file > > > and then gives Apache a 'SIGHUP'?? > > > > > > Bingo- as a start we'd just "communicate" with apache via it's config > files. In future, once this whole system is up and operational and > there is perhaps a mod_monitor or mod_snmp then we can gradually fold > this functionality into the server. To my thinking the server would > have to be threaded before something like this could come to pass so > first things first. But using SNMP as a configuration language from the > start would make this this integration much easier and keep the number > of protocols required down to a minimum of one. But..But... Harrie has already written a mod_snmp. This is where I don't agree. The SNMP functionality needs to go in the server. As he pointed out, we will need to write the config MIB, but I'm excited to have a look at his tool to generate the C code from the MIB. > > > This part is what I not completely get, maybe you can explain this?? > > > An SNMP solution should be that the SNMP agent inside Apache > > > completely configures it. Something as the configuration tool > > > speak SNMP with the Apache agent and the SNMP-SET changes > > > directly the appriopriate variables in Apache (runtime). > > > > > > HH > > > Right now the configuration server would be a separate process on the > machine hosting the web server. The configuration server would read and > then write changes to the configuration files and then HUP the web > server. We can have the configuration server find out about the modules > installed in the web server by parsing the result of apache -h (I think > this is the flag- there's a flag which causes apache to spit out info on > which modules/options are compiled in similar to the information > displayed by mod_config.) In my opinion, the config server is just an added exercise that really isn't needed. You probably weren't aware that Harrie has given us a start with mod_snmp. > All the authorization can be handled by sockets or SNMP (built in > there). Hopefully we won't have to deal with CGI... We can do things > without encryption, etc. at first and then fold that in- we just have to > keep security in mind during the build. If the broker (glue between the > application code and classes doing the actual communication) is built > correctly, we can plug in authorization with minimal changes to the > application source. > > > p.s. Randy: Don't forget will use RSA keys in the password auth. part, > > does CGI supports them? I think that you would be better off writing a key authentication module for Apache.
