> But your situation seems to be different. First I do not understand why
> SSL_XXX variables shouldn't be available for your regular CGI
> scripts. Second you say that with ColdFusions CGI handler
> everything works, so why do you want that the Allaire people
> do anything when it already works?
Well, since your adaptations (thank you! ;-) ) the ColdFusion
module loads correctly and seems to have all functionality
as expected... but ... and now it comes ... I want to do
client authentication and then use the information from
the certificate to do look ups in a database for more
specific tayloring of the page.
Now, I have a small test page which shows all mod_ssl
CGI variables on a client authenticated website. Client
authentication works flawlessly but ...
https://192.168.0.44/test.cfm (use the ColdFusion module)
results in no variables shown!
https://192.168.0.44/cgi-bin/cfml.exe?template=/test.cfm
(uses classic CGI scripting)
results in all the variables!
Strange, no?
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ralf S.
> Engelschall
> Sent: woensdag 10 maart 1999 20:08
> To: [EMAIL PROTECTED]
> Subject: Re: EAPI & SSL_XXX variables
>
>
> On Wed, Mar 10, 1999, Christian Buysschaert wrote:
>
> > > While browsing through the mailinglist archives and rereading
> messages,
> > > I've found a message which could solve one of the problems
> I've here...
> > >
> > > I'm using the ColdFusion Apache module and I couldn't access any CGI
> > > variables mod_ssl had set, but if I used the ColdFusion CGI handler
> > > everything worked as expected (variables were there). I saw a message
> > > on mod_perl which talked about the same message and gave this as an
> > > answer...
> > >
> > > "Writing an EAPI interface for mod_perl would be cool. Actually
> > > with EAPI Doug also could solve the nasty "PERL_SSI doesn't work
> > > under DSO" problem, because with EAPI mod_include could use mod_perl
> > > even under the DSO situation. For getting the SSL_XXX variables
> > > from mod_perl all you've to do is to write an XS function which
> > > calls mod_ssl the same way mod_rewrite does it to resolve SSL
> > > variables."
> > >
> > > So, getting the guys at Allaire to compile a EAPI module would
> > > be the solution?
> >
> > Anybody, perhaps Ralf, could confirm this? I need a definitive yes
> > to try to convince Allaire's support lines to compile a EAPI version...
>
> I cannot confirm anything here, because as it looks to me the situation of
> mod_perl I talked about above isn't the same as you described for
> ColdFusion.
> The mod_perl problem is that the users script operated in an
> Apache API phase
> which came _before_ the phase where mod_ssl creates the SSL_XXX
> environment
> variables. But the variables are internally available a lot of time before
> this, of course. So I suggested that with a little bit of code
> which calls
> mod_ssl's variable lookup EAPI hook, the problem could be solved.
>
>
> Ralf S. Engelschall
> [EMAIL PROTECTED]
> www.engelschall.com
> ______________________________________________________________________
> Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
> Official Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
