Re: variables not changing with modperl??

[Michael Drons]

Thanks for the link.  I actually don't use functions. 
Everything is mostly in MAIN.  Here is a snip of code:

#!/usr/bin/perl -wT
use strict;
print "";
my $r = Apache->request;
$r->content_type("text/html");
$r->status(200);
my $auth_type = $r->auth_type;
$cookie=$auth_type->key;
($user,$hash)=split(/:/,$cookie);
read(STDIN, my $buffer, $ENV{'CONTENT_LENGTH'});
my @pairs = split(/&/, $buffer);
foreach my $pair (@pairs) {

}

What I am doing wrong?  Everytime the script runs the
values of the variables coming in change.  Should I
use the delete function and delete all of the
variables at the end of the script?  @pairs is what
should change, but sometimes does not.  I have tried
to add a undef @pairs before the split, but no luck.


Mike

--- Perrin Harkins <[EMAIL PROTECTED]> wrote:
> Michael Drons wrote:
> > I am using Apache::Registry (Apache 1.3.26) I am
> see
> > weird things happen with my scripts.  I have have
> "use
> > strict" in all of the scripts and I use my() for
> all
> > of my variables.  But I still have variables that
> > contain data from previous loads.
> 
> Sounds like the closure problem with subroutines in
> Apache::Registry. 
> Does you code have subroutines that refer to
> variables declared outside 
> of them?
> 
> > Everything I can find in docs says read the FAQ at
> 
> > http://perl.apache.org/faq/, which does not
> exists.
> 
> Read this:
>
http://perl.apache.org/docs/general/perl_reference/perl_reference.html#my___Scoped_Variable_in_Nested_Subroutines
> 
> - Perrin
> 


__
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com

Re: variables not changing with modperl??

[Perrin Harkins]

Michael Drons wrote:
> I am using Apache::Registry (Apache 1.3.26) I am see
> weird things happen with my scripts.  I have have "use
> strict" in all of the scripts and I use my() for all
> of my variables.  But I still have variables that
> contain data from previous loads.

Sounds like the closure problem with subroutines in Apache::Registry. 
Does you code have subroutines that refer to variables declared outside 
of them?

> Everything I can find in docs says read the FAQ at 
> http://perl.apache.org/faq/, which does not exists.

Read this:
http://perl.apache.org/docs/general/perl_reference/perl_reference.html#my___Scoped_Variable_in_Nested_Subroutines

- Perrin

variables not changing with modperl??

[Michael Drons]

I am using Apache::Registry (Apache 1.3.26) I am see
weird things happen with my scripts.  I have have "use
strict" in all of the scripts and I use my() for all
of my variables.  But I still have variables that
contain data from previous loads.  I see it in hashes
and arrays.  Especially, if I have an array that
contains 6 strings in load 1 and only 2 strings in
load 2.  In the second load of the script the array
will contain the 2 new strings and the 4 old strings. 
Everything I can find in docs says read the FAQ at 
http://perl.apache.org/faq/, which does not exists.
This link comes from the subscribe message.  I have
thought about using PerlRun, but a module I use
(AuthCookie) requies mod_perl.  How do I undefine or
reinit the variable?  I am currently using undef, but
it does not work.

Mike Drons

__
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com

Re: NTLM module

[Peter Bi]

You may check Apache::Access module at http://modperl.home.att.net in which
I tried to provide a general solution to several popular authentication
issuers such as SMB, LDAP, IMAP, NIS, FTP, LWP and DBI etc.

Cheers.


Peter Bi

- Original Message -
From: "Gerald Richter" <[EMAIL PROTECTED]>
To: "Kaye-Smith Adam" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, August 12, 2002 9:12 PM
Subject: Re: NTLM module


>
> >According to the documentation, if you set NTMLauthoritative to off,
> >then if NTLM authorization fails, then it should pass it on to the lower
> >level modules.
>
> Yes, that's true and it works like you describe it. The point that you are
> missing is (and that I have tried to show in my last mail), that during
NTLM
> authentication there is no password! NTLM never passes the password to the
> server, so also the control gets passed to the lower level module, this
> lower level module must be able to handle NTLM. The default Apache auth
> handler isn't able to do so. It expects a password, which it doesn't gets
> because the client never has send it.
>
> Hope it's a little bit more clear now
>
> Gerald
>
> -
> Gerald Richterecos electronic communication services gmbh
> Internetconnect * Webserver/-design/-datenbanken * Consulting
>
> Post:   Tulpenstrasse 5 D-55276 Dienheim b. Mainz
> E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925131
> WWW:http://www.ecos.de  Fax:  +49 6133 925152
> -
>
>
>
>  I have cut out the below section from the doco which
> relates to the above functionality :
> "
> =head2 PerlSetVar ntlmauthoritative
>
> Setting the ntlmauthoritative directive explicitly to 'off' allows
> authentication
> to be passed on to lower level modules if AuthenNTLM cannot autheticate
> the userand the NTLM authentication scheme is used.
> If set to 'on', which is the default, AuthenNTLM will try to verify the
> user andif it fails will give an Authorization Required reply.
>
> =head2 PerlSetVar basicauthoritative
>
> Setting the ntlmauthoritative directive explicitly to 'off' allows
> authentication
> to be passed on to lower level modules if AuthenNTLM cannot autheticate
> the userand the Basic authentication scheme is used.
> If set to 'on', which is the default, AuthenNTLM will try to verify the
> user andif it fails will give an Authorization Required reply.
> "
>
>
>
> From the above description, I am hoping for the following events to take
> place
>
>
> -   ntlm authentication   (if fail this level go to next authentication)
>
> -   basic authentication  (if fails this level go to other
> authentication systems)
>
> -   read passwords in htpasswd file  ( if this fails, then access not
> granted)
>
>
>
>
> To enable the following behaviour, I have included the following
> directives in httpd.conf.
>
> -  ntlmauthoritative off
> -  basicauthoritative off
>
>
> I have also taken out the basic authentication to see if this works ie
>
> Authtype ntlm   (not basic)
>
> But this still does fail & allow the htpasswd system to verify access.
>
>
>
> If there are changes that need to be made to  the AuthenNTLM.pm, I am
> not very well read in this area - are there any goof references.
>
> From my novice perspective, it appears that when NTLM is included as
> part of the authentication, the ability for normal modules to verify
> access (ie htpasswd file) is no longer available ie the perl module does
> not pass back what the standard modules are expecting.
>
> I am sorry to be a bit unclear in my analysis, but I am fairly new to
> apache & perl modules.
>
>
> Many Thanks
>
>
> Adam
>
>
> original email attached
>
>
>
>
>
>
>
>
>
> -Original Message-
> From: Gerald Richter [mailto:[EMAIL PROTECTED]]
> Sent: Monday, 12 August 2002 5:35 PM
> To: Kaye-Smith Adam; [EMAIL PROTECTED]
> Subject: Re: NTLM module
>
>
>
> - Original Message -
> From: "Kaye-Smith Adam" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, August 12, 2002 4:51 AM
> Subject: NTLM module
>
>
> Hello ,
>
>
> >When I enter in an NT password it all works ok but when I use a
> >user/pass from the htpasswd file, the only way it will work is that I
> >change the above line to
> >
> >AuthType Basic instead of
> >AuthType ntlm,Basic.
> >
> >
> >With this change I can access passwords in htpasswd & also authenticate
> >from an NT server but I can no longer use NTLM.
>
> The problem is that Basic authentication requires a password from the
> client
> which can be compared against your password file. In case of NTLM auth,
> there is no password ever send over the wire, so Apache doesn't have
> anything which it can compare against it's passwd file.
>
> The solution would be to derive a class from AuthenNTLM and do the
> computation of the challage and response based on the secrets in the
> passwd
> file (you would 

Re: NTLM module

[Gerald Richter]

>According to the documentation, if you set NTMLauthoritative to off,
>then if NTLM authorization fails, then it should pass it on to the lower
>level modules.

Yes, that's true and it works like you describe it. The point that you are
missing is (and that I have tried to show in my last mail), that during NTLM
authentication there is no password! NTLM never passes the password to the
server, so also the control gets passed to the lower level module, this
lower level module must be able to handle NTLM. The default Apache auth
handler isn't able to do so. It expects a password, which it doesn't gets
because the client never has send it.

Hope it's a little bit more clear now

Gerald

-
Gerald Richterecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting

Post:   Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925131
WWW:http://www.ecos.de  Fax:  +49 6133 925152
-



 I have cut out the below section from the doco which
relates to the above functionality :
"
=head2 PerlSetVar ntlmauthoritative

Setting the ntlmauthoritative directive explicitly to 'off' allows
authentication
to be passed on to lower level modules if AuthenNTLM cannot autheticate
the userand the NTLM authentication scheme is used.
If set to 'on', which is the default, AuthenNTLM will try to verify the
user andif it fails will give an Authorization Required reply.

=head2 PerlSetVar basicauthoritative

Setting the ntlmauthoritative directive explicitly to 'off' allows
authentication
to be passed on to lower level modules if AuthenNTLM cannot autheticate
the userand the Basic authentication scheme is used.
If set to 'on', which is the default, AuthenNTLM will try to verify the
user andif it fails will give an Authorization Required reply.
"



>From the above description, I am hoping for the following events to take
place


-   ntlm authentication   (if fail this level go to next authentication)

-   basic authentication  (if fails this level go to other
authentication systems)

-   read passwords in htpasswd file  ( if this fails, then access not
granted)




To enable the following behaviour, I have included the following
directives in httpd.conf.

-  ntlmauthoritative off
-  basicauthoritative off


I have also taken out the basic authentication to see if this works ie

Authtype ntlm   (not basic)

But this still does fail & allow the htpasswd system to verify access.



If there are changes that need to be made to  the AuthenNTLM.pm, I am
not very well read in this area - are there any goof references.

>From my novice perspective, it appears that when NTLM is included as
part of the authentication, the ability for normal modules to verify
access (ie htpasswd file) is no longer available ie the perl module does
not pass back what the standard modules are expecting.

I am sorry to be a bit unclear in my analysis, but I am fairly new to
apache & perl modules.


Many Thanks


Adam


original email attached









-Original Message-
From: Gerald Richter [mailto:[EMAIL PROTECTED]]
Sent: Monday, 12 August 2002 5:35 PM
To: Kaye-Smith Adam; [EMAIL PROTECTED]
Subject: Re: NTLM module



- Original Message -
From: "Kaye-Smith Adam" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 12, 2002 4:51 AM
Subject: NTLM module


Hello ,


>When I enter in an NT password it all works ok but when I use a
>user/pass from the htpasswd file, the only way it will work is that I
>change the above line to
>
>AuthType Basic instead of
>AuthType ntlm,Basic.
>
>
>With this change I can access passwords in htpasswd & also authenticate
>from an NT server but I can no longer use NTLM.

The problem is that Basic authentication requires a password from the
client
which can be compared against your password file. In case of NTLM auth,
there is no password ever send over the wire, so Apache doesn't have
anything which it can compare against it's passwd file.

The solution would be to derive a class from AuthenNTLM and do the
computation of the challage and response based on the secrets in the
passwd
file (you would need to store MD4 hashs of your passwords somewhere).
There
is a module called Perl::AuthenNTLM which may be helpfull in doing this
task.

Gerald


-
Gerald Richterecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting

Post:   Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925131
WWW:http://www.ecos.de  Fax:  +49 6133 925152
-







The inf

Re: Apache->server->dir_config->{DocumentRoot} is null on startup

[Stas Bekman]

>  How else can i find the server->document_root ?

e.g: Apache->server_root_relative("htdocs");


__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: error_log [info] & [debug] lines

[Stas Bekman]

Anton Permyakov wrote:
> Hello, all.
> 
> My error_log is abounded with following lines.
> What does it mean, and how it impacts on Apache performance in general?

You sometimes get these when clients abort their connections. There is 
not much you can do about that. It doesn't impact the performance.

> Thank you.
> 
> [Sat Aug 10 12:50:03 2002] [info] [client 24.165.240.166] (104)Connection
> reset by peer: client stopped connection before rwrite completed
> [Sat Aug 10 12:50:03 2002] [debug] Apache.c(364): (104)Connection reset by
> peer: mod_perl: rwrite returned -1 (fd=3, B_EOUT=8)
> [Sat Aug 10 12:50:04 2002] [info] [client 24.165.240.166] (104)Connection
> reset by peer: client stopped connection before rwrite completed
> [Sat Aug 10 12:50:04 2002] [debug] Apache.c(364): (104)Connection reset by
> peer: mod_perl: rwrite returned -1 (fd=3, B_EOUT=8)
> [Sat Aug 10 12:50:05 2002] [info] [client 24.165.240.166] (104)Connection
> reset by peer: client stopped connection before rwrite completed



__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: please unsubscribe me

[Stas Bekman]

[EMAIL PROTECTED] wrote:
> please unsubscribe me

Only you can do that. Look at the email header, it says:

list-unsubscribe: 

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: Handler Concept / Question

[Stas Bekman]

Rick Myers wrote:
> On Aug 12, 2002 at 11:50:56 -0600, Thomas Whitney wrote:
> 
>>  I was following this thread with interest because I want to do something
>>like this.  I started searching on list archive for the above mentioned
>>syntax,  I searched for 'static content', then 'default handler', but with
>>no luck.  I do not mind doint the the searching, if you would perhaps
>>suggest a couple other search topics.
> 
> 
> You were close. It's default-handler.
> 
>   http://httpd.apache.org/docs/handler.html

And in mod_perl docs:
http://perl.apache.org/docs/1.0/guide/config.html#Overriding_E_lt_LocationE_gt__Setting_in__Sub_Location_



__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Apache->server->dir_config->{DocumentRoot} is null on startup

[srp]

Hi,

On a Apache/1.3.23 (Unix) mod_perl/1.26, if I check 
 Apache->server->dir_config during server startup, I find it is empty !!

 Dumper shows it is "bless( {}, 'Apache::Table' )".

 Shouldn't the conf file key/value pairs be available in this Apache::Table 
 during a server startup ?  Apache->server->dir_config("any key") is empty.

 Also ...

 How else can i find the server->document_root ?

 Please mail me directly as I am not on the list. and TIA :-)
 
 regards
 srp

error_log [info] & [debug] lines

[Anton Permyakov]

Hello, all.

My error_log is abounded with following lines.
What does it mean, and how it impacts on Apache performance in general?
Thank you.

[Sat Aug 10 12:50:03 2002] [info] [client 24.165.240.166] (104)Connection
reset by peer: client stopped connection before rwrite completed
[Sat Aug 10 12:50:03 2002] [debug] Apache.c(364): (104)Connection reset by
peer: mod_perl: rwrite returned -1 (fd=3, B_EOUT=8)
[Sat Aug 10 12:50:04 2002] [info] [client 24.165.240.166] (104)Connection
reset by peer: client stopped connection before rwrite completed
[Sat Aug 10 12:50:04 2002] [debug] Apache.c(364): (104)Connection reset by
peer: mod_perl: rwrite returned -1 (fd=3, B_EOUT=8)
[Sat Aug 10 12:50:05 2002] [info] [client 24.165.240.166] (104)Connection
reset by peer: client stopped connection before rwrite completed

please unsubscribe me

[mikedennisdanese]

please unsubscribe me

__
Pre-order the NEW Netscape 7.0 browser. Reserve your FREE CD and pay only $2.99 
shipping and handling. http://cd.netscape.com/promo_one/ 

Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/

[DIGEST] mod_perl digest 2002/08/05

[jgsmith]

--

  mod_perl digest
 
  August 5, 2002 - August 11, 2002

--

Recent happenings in the mod_perl world...

Features

  o mod_perl status
  o module announcements
  o module rfcs
  o application announcements
  o mailing list highlights
  o links


mod_perl status

  o mod_perl
- stable: 1.27 (released June 1, 2002) [1]
- development: 1.27_01-dev [2]
  o Apache
- stable: 1.3.26 (released June 18, 2002) [3]
- development: 1.3.27-dev [4]
  o mod_perl 2.0
- beta: 1.99_04 (released June 21, 2002) [5]
- development: (from cvs) [6]
  o Apache 2.0
- stable: 2.0.40 (released August 9, 2002) [7]
  o Perl
- stable: 5.8.0 (released July 18, 2001) [8]
- development: none [9]


module announcements

  o Apache::CustomKeywords - Customizable toolbar for MSIE [10]

  o Debug::FaultAutoBT 0.02 - automatic backtrace extractor on
SIGSEGV, SIGBUS, etc. (formerly Debug::SIGSEGVTrace) [11]

  o StateMachine::Gestinanna 0.04 - sub-classible state machines
designed for wizard-like applications [12]

  o Uttu 0.04 - web application framework driver [13]


module rfcs

  o HTML::XSSLint [14]


application announcements

  o aphid 0.17a - web-based Perl/Apache/SSL installer [15]


mailing list highlights

  o Generating Apache vhost config dynamically [16]


links

  o The Apache/Perl Integration Project [17]
  o mod_perl documentation [18]
  o Apache modules on CPAN [19]
  o _Writing Apache Modules with Perl and C_ homepage [20]
  o mod_perl news and advocacy [21]
  o mod_perl list archives
  - modperl@ [22]
  - dev@ [23]
  - docs-dev@ [24]
  - advocacy@ [25]


happy mod_perling...

--James
[EMAIL PROTECTED]

--
[1] http://perl.apache.org/dist/
[2] http://cvs.apache.org/snapshots/modperl/
[3] http://www.apache.org/dist/httpd/
[4] http://cvs.apache.org/snapshots/apache-1.3/
[5] http://perl.apache.org/dist/mod_perl-1.99_04.tar.gz
[6] http://cvs.apache.org/snapshots/modperl-2.0/
[7] http://www.apache.org/dist/httpd/
[8] http://www.cpan.org/src/stable.tar.gz
[9] http://www.cpan.org/src/README.html

[10] http://mathforum.org/epigone/modperl/stithersang
[11] http://mathforum.org/epigone/modperl/yulslonsnel
[12] http://mathforum.org/epigone/modperl/woygahgling
[13] http://mathforum.org/epigone/modperl/krandkrau

[14] http://mathforum.org/epigone/modperl/ghombronwhon

[15] http://mathforum.org/epigone/modperl/cerdbloistrar

[16] http://mathforum.org/epigone/modperl/stosnerdrei

[17] http://perl.apache.org/
[18] http://perl.apache.org/docs/
[19] http://www.cpan.org/modules/by-module/Apache/
[20] http://www.modperl.com/
[21] http://www.take23.org/
[22] http://perl.apache.org/maillist/modperl.html#Searchable_Archives
[23] http://perl.apache.org/maillist/dev.html#Searchable_Archives
[24] http://perl.apache.org/maillist/docs-dev.html#Searchable_Archives
[25] http://perl.apache.org/maillist/advocacy.html#Searchable_Archives

RE: can't fine ModuleConfig.c.

[Goehring, Chuck Mr., RCI - San Diego]

Randy,

I'm using Perl 5.6.0 for this. Should I be using 5.8.0?  Does that affect 
ModuleConfig.c?

Having problems running things with the version I put out last week.  It complains 
about the dumbest things and is overly strict.

Thanks
Chuck


-Original Message-
From: Randy Kobes [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 06, 2002 12:34 PM
To: Goehring, Chuck Mr., RCI - San Diego
Cc: mod perl list (E-mail)
Subject: RE: can't fine ModuleConfig.c.


On Sun, 4 Aug 2002, Goehring, Chuck Mr., RCI - San Diego wrote:

> Randy,
> 
> Got things working - had to get that thing into production
> before the security folks took us out of the dns.
> 
> Failed modperl's test because the test required Process.pm
> which in turn required the entire libwin32 (which died during
> compile).  On the modperl side, I deleted ModuleConfig.c fom
> the project and it compiled.

Are you using a recent ActivePerl? The libwin32 suite
should be there, if you are ...

> 
> Did:
>perl Makefile.PL
>nmake install
>Built .so file using VC++ IDE.
>nmake test (died because of Process.pm)
>nmake install
> 
> Did not modify any make or provide any options to Makefile.PL
> 
> 
> As dangerous as this seams, it did run and passed minimal
> testing.  Have had no reports of problems from the users.  It
> isn't doing e-commerce or the like.
> 
> Something is up with ModuleConfig.c though.  I don't know what
> that file does.  We use mod_perl just to speed up cgis so maybe
> it isn't needed for my purposes.

I'll try to look into what's up with ModuleConfig.c ... 

best regards,
randy

Re: Handler Concept / Question

[Rick Myers]

On Aug 12, 2002 at 11:50:56 -0600, Thomas Whitney wrote:
>   I was following this thread with interest because I want to do something
> like this.  I started searching on list archive for the above mentioned
> syntax,  I searched for 'static content', then 'default handler', but with
> no luck.  I do not mind doint the the searching, if you would perhaps
> suggest a couple other search topics.

You were close. It's default-handler.

  http://httpd.apache.org/docs/handler.html

--rick

Re: Handler Concept / Question

[Thomas Whitney]

>> If I do set my script to answer all requests, how do I tell the
>> webserver to show the static content that exists under the requested
>> url?

>You have to make the default handler pick it up.  I forget the exact
>syntax, but there were some examples posted to the mailing list a while
>back.
>- Perrin

Hi,
I was following this thread with interest because I want to do something
like this.  I started searching on list archive for the above mentioned
syntax,  I searched for 'static content', then 'default handler', but with
no luck.  I do not mind doint the the searching, if you would perhaps
suggest a couple other search topics.

Thanks,

Thomas Whitney.

Re: Mixing TOMCAT and mod_perl sessions

[Perrin Harkins]

Yair Lenga wrote:
> The website I'm supporting is running both TOMCAT applications ('.war'), 
> and has mod_perl scripts (all of them are registry - CGI scripts). I 
> have the following requirements:
> 
> * The user identification information must be shared between TOMCAT
>   and mod_perl (so that the user does not need to login twice).
> * No data sharing between mod_perl and TOMCAT application - but each
>   of them need to store some persistent data.
> * Session should be persistent across server restarts (which
>   excludes shared memory based solutions).

You would probably have to implement the session interface on both 
sides.  It could be fairly easy to implement sessions if you make a few 
assumptions, like a session will be a single hash with no complex 
structures or objects in it.  A simple serialization scheme would then 
be possible for both languages (maybe use an existing XML one).  You can 
use a database for persistent storage from both sides.

- Perrin

Mixing TOMCAT and mod_perl sessions (resend)

[Yair Lenga]

Greetings,

The website I'm supporting is running both TOMCAT applications ('.war'), and has 
mod_perl scripts (all of them are registry - CGI scripts). I have the following 
requirements:

   * The user identification information must be shared between TOMCAT and mod_perl 
(so that the user does not need to login twice).
   * No data sharing between mod_perl and TOMCAT application - but each of them need 
to store some persistent data.
   * Session should be persistent across server restarts (which excludes shared memory 
based solutions).

I'm currently using 'home-grown' session management, where each session is represented 
as a file. Both TOMCAT (4.0.4), and mod_perl (Apache::Session) can serialize session 
state. Can anyone suggest a smart way to get the two to work together - at minimum, I 
need to be able to create and destroy sessions, and to have the user id shared between 
the two. Preferably, using files (and not mysql).

Thanks,
Yair Lenga

PS: This is a resend of the original message - based on request from the moderator to 
avoid html formatting.

Re: Mixing TOMCAT and mod_perl sessions

[Gunther Birznieks]

What you could do is write an Apache::Session driver that instead of 
storing to a file, passes the session id as a call to a web service that 
gets and sets session data using parameters sent to a servlet running in 
the same context as the sessions where your Java servlets/JSPs run.

I've not done it, but I think it would be awesome if sessions could be 
shared between Java Servlets and Perl. We have a lot of apps written in 
both technologies ourselves (banking in Java, portal stuff in Perl)

I don't think doing this would be too hard.

Later,
Gunther

At 08:36 PM 8/12/2002, Yair Lenga wrote:
>Greetings,
>
>The website I'm supporting is running both TOMCAT applications ('.war'), 
>and has mod_perl scripts (all of them are registry - CGI scripts). I have 
>the following requirements:
>* The user identification information must be shared between TOMCAT 
> and mod_perl (so that the user does not need to login twice).
>* No data sharing between mod_perl and TOMCAT application - but each 
> of them need to store some persistent data.
>* Session should be persistent across server restarts (which excludes 
> shared memory based solutions).
>I'm currently using 'home-grown' session management, where each session is 
>represented as a file. Both TOMCAT (4.0.4), and mod_perl (Apache::Session) 
>can serialize session state. Can anyone suggest a smart way to get the two 
>to work together - at minimum, I need to be able to create and destroy 
>sessions, and to have the user id shared between the two. Preferably, 
>using files (and not mysql).
>
>Thanks,
>Yair Lenga
>

__
Gunther Birznieks ([EMAIL PROTECTED])
eXtropia - The Open Web Technology Company
http://www.eXtropia.com/
Office: (65) 64791172 Mobile: (65) 96218290

Mixing TOMCAT and mod_perl sessions

[Yair Lenga]

Greetings,
The website I'm supporting is running both TOMCAT applications ('.war'),
and has mod_perl scripts (all of them are registry - CGI scripts).
I have the following requirements:


The user identification information must be shared between TOMCAT and mod_perl
(so that the user does not need to login twice).


No data sharing between mod_perl and TOMCAT application - but each of them
need to store some persistent data.


Session should be persistent across server restarts (which excludes shared
memory based solutions).

I'm currently using 'home-grown' session management, where each session
is represented as a file. Both TOMCAT (4.0.4), and mod_perl (Apache::Session)
can serialize session state. Can anyone suggest a smart way to get the
two to work together - at minimum, I need to be able to create and destroy
sessions, and to have the user id shared between the two. Preferably, using
files (and not mysql).
Thanks,
Yair Lenga
 

error_log [info] & [debug] lines

[Anton Permyakov]

Hello, all.

My error_log is abounded with following lines.
What does it mean, and how it impacts on Apache performance in general?
Thank you.

[Sat Aug 10 12:50:03 2002] [info] [client 24.165.240.166] (104)Connection
reset by peer: client stopped connection before rwrite completed
[Sat Aug 10 12:50:03 2002] [debug] Apache.c(364): (104)Connection reset by
peer: mod_perl: rwrite returned -1 (fd=3, B_EOUT=8)
[Sat Aug 10 12:50:04 2002] [info] [client 24.165.240.166] (104)Connection
reset by peer: client stopped connection before rwrite completed
[Sat Aug 10 12:50:04 2002] [debug] Apache.c(364): (104)Connection reset by
peer: mod_perl: rwrite returned -1 (fd=3, B_EOUT=8)
[Sat Aug 10 12:50:05 2002] [info] [client 24.165.240.166] (104)Connection
reset by peer: client stopped connection before rwrite completed

RE: Compiled-in but not recognized

[Colin]

Just to update that I thankfully have this working now :)
It was a corrupted mod_perl.c file from the source tree that was causing the
issue.

Thanks.

> >> Hi there,
> >>
> >> On Sun, 11 Aug 2002, Colin wrote:
> >>
> >>> I know this is a recurring problem but bear with me ...
> >>
> >> :)
> >>
> >>> httpd -l
> >>> Compiled-in modules:
> >>> http_core.c
> >>> mod_so.c
> >>> mod_perl.c
> >>
> >> pwd?
>
> I think that Ged was suggesting you might have multiple httpd binaries
> on your system, and was suggesting that you verify you're running the
> binary you think you're running.
>
> It's really annoying when you're trying to debug a program, and the
> program you're running is not the one you're adding the debugging
> statements to.  However, I suspect most of us have done it on occasion.
>
> Ed
> "How the #&@*! is it getting past all those debug statements without
> hitting any?!?!" - Me
>
>

Re: NTLM module

[Gerald Richter]

- Original Message -
From: "Kaye-Smith Adam" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 12, 2002 4:51 AM
Subject: NTLM module


Hello ,


>When I enter in an NT password it all works ok but when I use a
>user/pass from the htpasswd file, the only way it will work is that I
>change the above line to
>
>AuthType Basic instead of
>AuthType ntlm,Basic.
>
>
>With this change I can access passwords in htpasswd & also authenticate
>from an NT server but I can no longer use NTLM.

The problem is that Basic authentication requires a password from the client
which can be compared against your password file. In case of NTLM auth,
there is no password ever send over the wire, so Apache doesn't have
anything which it can compare against it's passwd file.

The solution would be to derive a class from AuthenNTLM and do the
computation of the challage and response based on the secrets in the passwd
file (you would need to store MD4 hashs of your passwords somewhere). There
is a module called Perl::AuthenNTLM which may be helpfull in doing this
task.

Gerald


-
Gerald Richterecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting

Post:   Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925131
WWW:http://www.ecos.de  Fax:  +49 6133 925152
-