push_handlers and PerlAuthenHandler troubles
For a particular Location, I'd like to selectively (i.e., based on
arbitrary criteria) determine whether a visitor needs authentication.
So I set up a Location section in httpd.conf as follows:
Location /
AuthType Apache::AuthTicket
AuthName HomeIntranet
PerlAuthenHandler Intranet::CheckSiteAuthen
#PerlAuthenHandler Apache::AuthTicket-authenticate
PerlAuthzHandler Apache::AuthTicket-authorize
require valid-user
/Location
Intranet::CheckSiteAuthen looks like:
---[start]-
package Intranet::CheckSiteAuthen;
use strict;
use DBI;
use Apache::Constants qw(:common);
use Intranet::common;
use Data::Dumper;
sub handler {
my $r = shift;
$r-warn(starting CheckSiteAuthen);
$r-push_handlers(PerlAuthenHandler = 'Apache::AuthTicket-authenticate');
return DECLINED;
}
1;
---[end]-
But when I try to access a location under that configuration,
I see in my error log:
[Mon Jun 25 18:33:55 2001] [crit] [client 192.168.10.15] configuration error:
couldn't check user. No user file?: /u/IntranetLoginForm
(/u/IntranetLoginForm is the login CGI form that Apache::AuthTicket
uses).
All I'm trying to do at this point is set up a PerlAuthenHandler that
passes control to another one (Apache::AuthTicket-authenticate).
Of course, everything works with the configuration
Location /
AuthType Apache::AuthTicket
AuthName HomeIntranet
#PerlAuthenHandler Intranet::CheckSiteAuthen
PerlAuthenHandler Apache::AuthTicket-authenticate
PerlAuthzHandler Apache::AuthTicket-authorize
require valid-user
/Location
Any suggestions for me?
Thanks,
--
Steve Chadsey [EMAIL PROTECTED]
So drink to forget and drown all your sorrows
Bury your dreams and choose catharsis!
-- Sentenced, Nepenthe
CGI Script don´t run under Linux´s Apache
Hello, I spent a couple of days and nights getting the Apache 1.3 running - Now I run some tests with simple CGI-Scripts which were working on another webserver very well AND everytime I try to run the Perl script from cgi-bin I get the well known ERROR 500 message. On other machines they are running. I guess I misconfigured the Apache How can I get the CGI-Scripts running??? Every hint is worth of gold MfG Oliver Etzel
mod_perl/dynaloader problem...
Sorry if this is a known problem, but I didn't see anything in the archives and I've installed these a bunch of times before without a problem Mandrake 8.0 perl-5.6.1 mod_perl-1.25 apache-1.3.20 I had problems compiling Apache::Request with the default Mandrake perl/apache packages, so I downloaded the latest stable versions and built using the flexible way where mod_perl is statically linked (but I do enable DSO in case there are other modules I'll need later) things seem to work pretty well, but if I try to use Apache::Request in my startup.pl script (or a module) I get the following: [Thu Jun 28 11:20:17 2001] [error] Can't load '/usr/contrib/lib/perl5/site_perl/5.6.1/i686-linux/auto/Apache/Request/Request.so' for module Apache::Request: libapreq.so.0: cannot load shared object file: No such file or directory at /usr/contrib/lib/perl5/5.6.1/i686-linux/DynaLoader.pm line 206. at /usr/contrib/lib/perl5/site_perl/5.6.1/i686-linux/mod_perl.pm line 14 Compilation failed in require at /usr/contrib/httpd/conf/startup.pl line 8. BEGIN failed--compilation aborted at /usr/contrib/httpd/conf/startup.pl line 8. Compilation failed in require at (eval 1) line 1. The file exists and I've checked permissions (both looking at the directory structure and su - nobody and ran nm on Request.so) they look fine. The directories it's using (/usr/contrib) is where I have my version of perl installed. I can also run startup.pl outside of mod_perl and it works fine, I got a similar error from Image::Magick, so it seems to be a problem with the dynaloader module when it's embedded in mod_perl. Any help would be greatly appreciated, thanks! -- [EMAIL PROTECTED]
Re: [Apache] Re: [CGI] CGI Script don´t run under Linux´s Apache
Hello People, OK I looked into the Error_Log there it is written: Premature end of script header What can it be? Olli - Original Message - From: Phil Buckley [EMAIL PROTECTED] To: Oliver [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, June 28, 2001 6:34 PM Subject: [Apache] Re: [CGI] CGI Script don´t run under Linux´s Apache The first step would be to check the error logs... It sounds like you may have to modify the httpd.conf file to give permissions to execute cgi scripts, or the cgi-bin alias might be wrong, could be alot of things, but start with the error log, try looking in /usr/local/apache/logs/error_log *** REPLY SEPARATOR *** On 6/28/2001 at 6:14 PM Oliver wrote: Hello, I spent a couple of days and nights getting the Apache 1.3 running - Now I run some tests with simple CGI-Scripts which were working on another webserver very well AND everytime I try to run the Perl script from cgi-bin I get the well known ERROR 500 message. On other machines they are running. I guess I misconfigured the Apache How can I get the CGI-Scripts running??? Every hint is worth of gold MfG Oliver Etzel - This is the cgi-list mailing list: To unsubscribe, send email to: [EMAIL PROTECTED] with the body: unsubscribe cgi-list To subscribe, send email to: [EMAIL PROTECTED] with the body: subscribe cgi-list No one may in any way attempt to data-mine or archive the mailing list for financial gain without the express permission of Jann.com. -- Apache Mailing List - http://www.unix-ag.org/apachelist/ (un)subscribe requests to [EMAIL PROTECTED] (send 'help' to [EMAIL PROTECTED] in case of problems) --
SSL and thin/fat server setups.
Hello all, I've been running apache+mod_perl servers with apache+mod_ssl front-ends, and been quite happy with this type of setup for quite some time. Now I need to use SSL certificates for authenticating users of an online database. It seems like there's no way to get the SSL information that the front-end sees to the back-end server because the SSL protocol underlies the HTTP protocol (outside of writing a custom apache module, and passing back the cert info in headers) and there's no such thing as an SSL proxy module that I've been able to find. Right now, I'm considering setting up a very lightweight apache+mod_perl+ssl+mod_proxy frontend with just a single perl auth/authz handler installed, and have that decrypt, authenticate, authorize, and proxy all SSL requests back to the fat server. Then I revert the apache+mod_ssl front end to a vanilla apache server and have it handle all plain HTTP requests. Before I do this, I'd just like to know if anyone has any other ideas on how to do this. --Christopher
Re: osx mod_perl
Chris there is an article on stepwise how to install mod_perl as a DSO module on mac osx server for Apache 1.3.11 with perl 5.005_02 http://www.stepwise.com/Articles/Workbench/BuildingModPerl.html the article is from January 29, 2000. maybe it will give you some idea there is also article on hotwired how to install PHP http://hotwired.lycos.com/webmonkey/templates/print_template.htmlt?meta=/webmonkey/01/16/index3a_meta.html nether one helped me. let me know if you succeed. -vitali |+- || Christian Wattinger| || christian.wattinger@se| || rious4.ch | || | || 06/29/01 11:25 AM | || | |+- --| | | | To: Vitali Zhulkovsky/NYC/CMPNotes@cmpnotes| | cc: [EMAIL PROTECTED] | | Subject: Re: osx mod_perl | --| on 28.06.01 18.20, [EMAIL PROTECTED] at [EMAIL PROTECTED] wrote: Hi Chris, here is the head binary if you still need it. i've had the same problem and it seem to work out. i tried to install HTML::mason on top of mod_perl, but have no idea if what i did is correct i guess i need to do some server configurations, which i have no clue where to start. (See attached file: head) . Vitali Zhulkovsky thanks vitali! it works 'better' now, compiles with 1 error in the cgi tests when installing mod_perl from cpan. it installs and httpd -l and -V say reasonable things. but httpd doesn't keep running, it just stops after a sec. now i reinstalled osx and run tenon's itools which work really fine! but its only free for 14 days then its 500 USD . - has anyone run mod_perl on osx with success?? is there a how-to somewhere?? - cheers chris
SSL and thin/fat server setups.
Hello all, I've been running apache+mod_perl servers with apache+mod_ssl front-ends, and been quite happy with this type of setup for quite some time. Now I need to use SSL certificates for authenticating users of an online database. It seems like there's no way to get the SSL information that the front-end sees to the back-end server because the SSL protocol underlies the HTTP protocol (outside of writing a custom apache module, and passing back the cert info in headers) and there's no such thing as an SSL proxy module that I've been able to find. Right now, I'm considering setting up a very lightweight apache+mod_perl+ssl+mod_proxy frontend with just a single perl auth/authz handler installed, and have that decrypt, authenticate, authorize, and proxy all SSL requests back to the fat server. Then I revert the apache+mod_ssl front end to a vanilla apache server and have it handle all plain HTTP requests. Before I do this, I'd just like to know if anyone has any other ideas on how to do this. --Christopher
RE: push_handlers and PerlAuthenHandler troubles
There are known bugs in push_handlers/set_handlers that I believe are
corrected in CVS and should be part of the 1.26 release. Perhaps these
bugs are the problem.
Regards,
Christian
-Original Message-
From: Bolt Thrower [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 25, 2001 10:50 PM
To: [EMAIL PROTECTED]
Subject: push_handlers and PerlAuthenHandler troubles
For a particular Location, I'd like to selectively (i.e., based on
arbitrary criteria) determine whether a visitor needs authentication.
So I set up a Location section in httpd.conf as follows:
Location /
AuthType Apache::AuthTicket
AuthName HomeIntranet
PerlAuthenHandler Intranet::CheckSiteAuthen
#PerlAuthenHandler Apache::AuthTicket-authenticate
PerlAuthzHandler Apache::AuthTicket-authorize
require valid-user
/Location
Intranet::CheckSiteAuthen looks like:
---[start]-
package Intranet::CheckSiteAuthen;
use strict;
use DBI;
use Apache::Constants qw(:common);
use Intranet::common;
use Data::Dumper;
sub handler {
my $r = shift;
$r-warn(starting CheckSiteAuthen);
$r-push_handlers(PerlAuthenHandler =
'Apache::AuthTicket-authenticate');
return DECLINED;
}
1;
---[end]-
But when I try to access a location under that configuration,
I see in my error log:
[Mon Jun 25 18:33:55 2001] [crit] [client 192.168.10.15]
configuration error: couldn't check user. No user file?:
/u/IntranetLoginForm
(/u/IntranetLoginForm is the login CGI form that Apache::AuthTicket
uses).
All I'm trying to do at this point is set up a PerlAuthenHandler that
passes control to another one (Apache::AuthTicket-authenticate).
Of course, everything works with the configuration
Location /
AuthType Apache::AuthTicket
AuthName HomeIntranet
#PerlAuthenHandler Intranet::CheckSiteAuthen
PerlAuthenHandler Apache::AuthTicket-authenticate
PerlAuthzHandler Apache::AuthTicket-authorize
require valid-user
/Location
Any suggestions for me?
Thanks,
--
Steve Chadsey [EMAIL PROTECTED]
So drink to forget and drown all your sorrows
Bury your dreams and choose catharsis!
-- Sentenced, Nepenthe
Re: SSL and thin/fat server setups.
On Fri, Jun 29, 2001 at 02:07:50PM -0500, Christopher L. Everett wrote: Hello all, I've been running apache+mod_perl servers with apache+mod_ssl front-ends, and been quite happy with this type of setup for quite some time. Now I need to use SSL certificates for authenticating users of an online database. It seems like there's no way to get the SSL information that the front-end sees to the back-end server because the SSL protocol underlies the HTTP protocol (outside of writing a custom apache module, and passing back the cert info in headers) and there's no such thing as an SSL proxy module that I've been able to find. I did make a module like that last year - it is available from http://www2.toftum.dk/apache/ vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall
Re: SSL and thin/fat server setups.
At 02:07 PM 6/29/2001 -0500, Christopher L. Everett wrote: Hello all, I've been running apache+mod_perl servers with apache+mod_ssl front-ends, and been quite happy with this type of setup for quite some time. Now I need to use SSL certificates for authenticating users of an online database. It seems like there's no way to get the SSL information that the front-end sees to the back-end server because the SSL protocol underlies the HTTP protocol (outside of writing a custom apache module, and passing back the cert info in headers) and there's no such thing as an SSL proxy module that I've been able to find. Right now, I'm considering setting up a very lightweight apache+mod_perl+ssl+mod_proxy frontend with just a single perl auth/authz handler installed, and have that decrypt, authenticate, authorize, and proxy all SSL requests back to the fat server. Then I revert the apache+mod_ssl front end to a vanilla apache server and have it handle all plain HTTP requests. Before I do this, I'd just like to know if anyone has any other ideas on how to do this. Read Mads post. We use a similar method of accomplishing this in our own work. You can't use mod_proxy to proxy the SSL connection to the back-end server because as soon as you've established the SSL connection from the front-end proxy to the browser, you can't carry the certificate through to the back-end server even if you establish a second SSL connection. You can only satisfy the SSL challenge response mechanisms through having the browser's private key which the reverse proxy does not have. Later, Gunther
requre,use, modules, namespace...I'm confused...
Hi, I've read the docs on traps in using require and use, etc in mod_perl...I'm confused heres what I'm trying to figure out... lets say I have 3 sites on 1 box. so I have /home/httpd/site1 /home/httpd/site2 /home/httpd/site3 each of them host the same scripts. so if my script is test.cgi /home/httpd/site1/cgi-bin/test.cgi /home/httpd/site2/cgi-bin/test.cgi etc Now without mod_perl I have a file called configure.cgi in /home/httpd/site1/cgi-bin/configure.cgi etc...for other sites. each configure script is setup differently according to the site. usually I would do, require "configure.cgi" in the test.cgi script; but it's my understanding this won't work in mod_perl what I'm trying to do is figure out how to have test.cgi the same...and pull what it needs from the configure file. So that when I update test.cgi I can ftp it to all the sites without having to change it for each site. For the life of me I cannot figure out how it's done in mod_perl without having namespace problems... I read that you should use a module, but then I understand you cannot have modules with the same name.I readyou could alsogive package name in the configure.cgi script..like package config; Will that have the same namespace problem? Is there some info on how to do this someone could point me to? thanks, shawn
Re: API Design Question
On Sat, 30 Jun 2001, Steven Lembark wrote:
Note that if they do get called this will end up using more memory than if
you had just loaded them during startup, since they won't be shared between
child processes.
Original assumption is that they are called infrequently. You'll also find
that the amount of memory sucked up by a single subroutine isn't much,
less than pre-loading possibly 10' s of sub's that never get called.
The optimal approach would be
1. Use CGI.pm's like -compile import tag or Autosplit/Autoload to
provide the interface for loading only the wanted subs.
2. Use DB::DB hook to collect the stats on what subs are actually used See
this nice article for more info:
http://www.ddj.com/columns/perl/2001/0103pl002.htm?topic=perl
3. Use ab or something else to exercise your service to call all possible
URIs/args. Here you can use the access_log to feed learn what to feed to
ab assuming that access_log is big enough to exercise all your services
(which of course won't work for new services, and then you have to supply
the possible URIs/args by yourself)
4. Feed the results of 2 and 3 into 1 in startup.pl and voila you have the
perfect optimization.
5. If you modify your code you need either to rerun the stats collection
or manually adjust the startup.pl file.
Depending on how important is to squeeze the most our of your boxes and
how big is your code base, this scenario may or may not apply to your
situation, but it gives you a good idea of how Perl can help you.
All these stages can be completely automated.
This seems to be an interesting project for someone to implement and
release as a general module. So one can plug a stats handler which will
collect all the used modules (so you can preload them all at startup.pl)
and all used package::sub's to be fed into modules using
autosplit/autoload to load these from startup.pl.
Here is a simple Apache::UsedModules
package Apache::UsedModules;
use strict;
use Apache;
if($ENV{MOD_PERL}) {
Apache-push_handlers(PerlChildExitHandler = \handler);
}
sub handler {
my $r = shift;
my $file = /tmp/modules.$$;
open LOG, $file or die cannot open $file: $!;
print LOG \n# Used modules\n\n;
for (sort grep !/^main$/, keys %INC){
next if m!^/|\.pl$!; # skip non modules
print LOG qq{require $_;\n}; # ($INC{$_})\n;
}
close LOG;
}
1;
usage:
PerlModule Apache::UsedModules
or
use Apache::UsedModules; # in startup.pl
For subs stats you actually need to rework the DB::DB hook from
Apache::DB or write a new one based on Apache::DB (preferrably).
_
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:[EMAIL PROTECTED] http://apachetoday.com http://eXtropia.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
RE: requre,use, modules, namespace...I'm confused...
I have same question.And my solution:
1.In httpd.conf
PerlAddVar conf /home/httpd/site1/cgi-bin/configure.cgi
PerlAddVar conf /home/httpd/site2/cgi-bin/configure.cgi
PerlAddVar conf /home/httpd/site3/cgi-bin/configure.cgi
2.In your test.cgi
use vars qw(%conf);
my $site = $ENV{'HTTP_HOST'};
# get site1,site2,etc.
($site) = ($site =~ /^\/(.*?)\.some\.dom\/cgi-bin\/i);
use Apache;
my $r = Apache-request();
my @conf_file = $r-dir_config-get('conf');
foreach (@conf_file)
{
# import all site configuration file
require;
}
no strict qw(refs);
# import configure variable
# call by $conf{'SOME_VAR'};
*conf = \%{${conf::.$site.::conf}};
3.In your site1 configure.cgi,use ref of hash
package conf::site1;
$conf =
{
# web name.
'web_name' = 'site1',
# Parent web link.
'web_link' = 'http://site1.some.dom/',
}
# in different configure.cgi,have different configure variable and
package.
And ,Please referer http://perl.apache.org/guide/,and thanks stas and
other.
-Original Message-
From: swade [mailto:[EMAIL PROTECTED]]
Sent: 2001Äê7ÔÂ2ÈÕ 13:18
To: [EMAIL PROTECTED]
Subject: requre,use, modules, namespace...I'm confused...
Hi,
I've read the docs on traps in using require and use, etc in
mod_perl...I'm confused
heres what I'm trying to figure out...
lets say I have 3 sites on 1 box. so I have /home/httpd/site1
/home/httpd/site2 /home/httpd/site3
each of them host the same scripts. so if my script is test.cgi
/home/httpd/site1/cgi-bin/test.cgi
/home/httpd/site2/cgi-bin/test.cgi
etc
Now without mod_perl I have a file called configure.cgi in
/home/httpd/site1/cgi-bin/configure.cgi
etc...for other sites. each configure script is setup differently
according to the site.
usually I would do, require configure.cgi in the test.cgi script; but
it's my understanding this won't work in mod_perl
what I'm trying to do is figure out how to have test.cgi the same...and
pull what it needs from the
configure file. So that when I update test.cgi I can ftp it to all the
sites without having to change it for
each site. For the life of me I cannot figure out how it's done in
mod_perl without having namespace problems...
I read that you should use a module, but then I understand you cannot
have modules with the same name. I read you could also give package name
in the configure.cgi script..like package config; Will that have the
same namespace problem? Is there some info on how to do this someone
could point me to?
thanks,
shawn
