[ANNOUNCE] Apache::App::Mercury (new module)
This is a new application for mod_perl - just released. Apache::App::Mercury is a customizable, extensible customer to customer, store and forward messaging application for Apache mod_perl (1.x). It uses a relational database (accessed via DBI) to store and retrieve messages, and uses CGI.pm to display them in standard HTML. It's design closely resembles a MVC design pattern, and it handles all message box navigation, message composition, sending, replying, etc. In short, it is a complete web (intra server) messaging application for your Apache mod_perl server, which can be customized to fit your specific needs (e.g. private labelling). At the moment, installation has quite a few steps. Sorry about that. I tried to make it as simple and straightforward as possible, but the complexity is necessary since it needs to tie into your existing mod_perl app. Cheers, -Adi -- The URL http://adiraj.org/sw/Apache-App-Mercury/Apache-App-Mercury-0.80.tar.gz has entered CPAN as file: $CPAN/authors/id/A/AD/ADIRAJ/Apache-App-Mercury-0.80.tar.gz size: 38372 bytes md5: 96d5369bf2ad83168ce00829c0102357 No action is required on your part Request entered by: ADIRAJ (Adi Fairbank) Request entered on: Sun, 20 Jul 2003 04:31:15 GMT Request completed: Sun, 20 Jul 2003 04:32:58 GMT
Re: [RFC] web-messaging application for mod_perl
On, or in the near vicinity of Tue, 15 Jul 2003 01:47:13 -0500 James G Smith <[EMAIL PROTECTED]> has thus written: > Adi Fairbank <[EMAIL PROTECTED]> wrote: > >Here are the possibilities: > > > > 1 Apache::WebMessaging > > 2 Apache::App::WebMessaging > > 3 Apache::SomeOtherUniqueName (e.g. ServerMessaging, or UserMessaging, or > >SystemMessaging) > > > >I personally prefer 1 or 2, so if there are no serious objections, I'll pick > >one of those. Let me know which you like the best. > [...] > > From what I can see from your description and a brief look at some of > the code, you are doing a small portion of what web messaging can > mean: customer to customer, store and forward messaging. > > Because you don't cover all the possibilities (and it would be > unreasonable to expect anyone to do so), I would discourage using > such a generic name. > [...] > > Having unique names like these helps in several ways. First, they > don't preclude others from entering the same `market,' which can be > seen as part of the TMTOWTDI tradition in Perl. Second, they serve > to brand the application. If you give a talk about Web Messaging, > what do people expect? We're back to the survey above. On the other > hand, a talk about a particular name, such as Apache::App::Mercury, > might let people know more quickly what you are wanting to discuss. Ok, I'm sold. Now I get the reason for not using such a generic name. In fact, I really like your suggestion Apache::App::Mercury. If you don't mind, I'll use that name! Do you mind? "Mercury the swift messenger of the ancient gods. The Greek god Hermes (the Roman Mercury) was the god of translators and interpreters. He was the most clever of the Olympian gods, and served as messenger for all the other gods. He ruled over wealth, good fortune, commerce, fertility, and thievery. Among his personal favorite commercial activities was the corn trade. He was also the god of manual arts and eloquence. As the deity of athletes, he protected gymnasiums and stadiums." (http://www.eso.org/outreach/eduoff/vt-2004/mt-2003/mt-mercury-mythology.html) > Finally, you might want to change the version from 0.80pre1 to > 0.80_01 -- CPAN might get confused by the first format. Will do! Cheers, -Adi
Re: [RFC] web-messaging application for mod_perl
On, or in the near vicinity of Mon, 14 Jul 2003 18:49:58 +0300 Stas Bekman <[EMAIL PROTECTED]> has thus written: > > Probably the best bet is to give it some cool unique name, like > Apache::AdiChat and then you are all set, since you are not going to take over > > any future framework/namespaces... > Well, I don't like that name, but I do get what you mean. ( I wouldn't want to have any piece of software named after me... just my personal style. Software lives for too long, especially open source. It would still be called that long after I'm dead. ) What's wrong with "WebMessaging" ? Do you foresee that interfering with some future software in the Apache:: namespace, or is it just too generic? I thought it was a good name since it accurately describes what it is: not webmail, not instant messaging, but web messaging. (basically, it's like those message boxes you get on a stock trading website when you login to your account) Here are the possibilities: 1 Apache::WebMessaging 2 Apache::App::WebMessaging 3 Apache::SomeOtherUniqueName (e.g. ServerMessaging, or UserMessaging, or SystemMessaging) I personally prefer 1 or 2, so if there are no serious objections, I'll pick one of those. Let me know which you like the best. -Adi
Re: [RFC] web-messaging application for mod_perl
On, or in the near vicinity of Tue, 1 Jul 2003 11:23:00 +0200 Enrico Sorcinelli <[EMAIL PROTECTED]> has thus spoken: > On Mon, 30 Jun 2003 12:57:00 -0700 > Adi Fairbank <[EMAIL PROTECTED]> wrote: > > > Apache::WebMessaging > > > > I am about ready to release an intraserver web-messaging application for > > mod_perl. A brief description of the app follows; I'd like to hear some > > comments from the mod_perl/Perl/P5EE community on: > > You could look about Apache::* modules naming conventions: > > http://perl.apache.org/products/apache-modules.html#Module_Naming_Conventions > > Apache::App::WebMessaging namespace could be a right place :-) > According to the asterisk note below Apache::App:: "However, if you are planning a substantial framework with many inter-related modules, you should probably go with a top-level namespace outside of Apache::." This app already has 7-8 inter-related modules, though I would not call it a substantial framework. In fact it requires you to already have your own application framework setup in order to use it. It's basically a plug-in application for your existing mod_perl framework. I could rename it to just WebMessaging:: but it is specifically designed for mod_perl, which is why I think it should go in Apache::. Also, I noticed there are currently no Apache::App:: modules. Should this be the first?? -Adi
Re: Few Important Questions
On, or in the near vicinity of Wed, 18 Jun 2003 18:34:09 -0700 (PDT)
Mustafa Tan <[EMAIL PROTECTED]> has thus spoken:
> Another question is that, why hosting guys avoid using
> mod_perl. Is it just because mod_perl is memory
> hungry?
>
One reason I've heard is because of namespace security issues. Ie. if ISPs
allow all their users access to mod_perl on the same Apache server, then any
user can potentially interfere with/have access to other users' mod_perl
modules. Don't know if this is a really valid reason (it seems with
Apache::Registry this would not be a problem), it's just something I've heard.
Has anyone in the mod_perl community given namespace security much thought?
> Finally how can I dynamically ban an ip address in
> mod_perl. For example, normally you can specify
> certain ip addresses with Allow, Deny directives. How
> can I do that dynamically using mod_perl.
>
You would need to write your own AuthzHandler, and specify it with a
PerlAuthzHandler directive in your Apache conf file. See the mod_perl
docs/guide/books etc. Very briefly, you'll want to do something like:
package My::IPFilter;
use Apache::Constants qw(:common M_GET FORBIDDEN REDIRECT);
sub ip_filter {
my ($class, $r) = @_;
my $ip = $r->connection->remote_ip;
my @banned_ips = ('w.x.y.z', 'a.b.c.d', ...);
if (grep($ip eq $_, @banned_ips)) {
return FORBIDDEN;
}
return OK;
}
Then, in your httpd.conf:
SetHandler perl-script
PerlAuthzHandler My::IPFilter->ip_filter
This is a very minimal example of what you need, just to get you started in the
right direction - you should consult the docs to get you further. You may want
to use "require" statements in your conf file, in which case you'll need more
than that. I recommend Apache::AuthCookie as it has good builtin support for
custom require methods in mod_perl.
-Adi
[RFC] web-messaging application for mod_perl
Apache::WebMessaging I am about ready to release an intraserver web-messaging application for mod_perl. A brief description of the app follows; I'd like to hear some comments from the mod_perl/Perl/P5EE community on: * is there anything like this already out there? * namespace suggestions (if Apache::WebMessaging is undesirable) * where and how to integrate it into the p5ee project (e.g. P5EEx::Blue::Messaging::WebMessaging ?) * general comments, questions? This software was started as a way to deliver automatic server-generated messages to users of a commercial web application. It was running on our production webserver for a few years, so could be deemed "commercial-quality" (whatever that means.. good or bad?). It has since been completely rewritten into a form more suitable for general use in the open-source community. It has support for attachments and outbound e-mail forwarding (via smtp). It dynamically generates HTML using CGI.pm, using basic HTML v3 forms for user interaction. It is entirely modular and component-oriented, so can easily be private-labelled or embedded in another application. The design is fairly similar to MVC architecture. It stores messages in a DBMS using DBI, and attachments on a filesystem with a reference in the database table. It has an object-oriented Perl API so message delivery can be triggered from either inside a running mod_perl server or from a standalone app (e.g. another daemon or a cron job). User-to-user messaging is supported through the standard web interface. My motives for releasing it open source are: * to advocate mod_perl * to attract developers to help improve the software, especially by adding extensions (e.g. inbound SMTP, pgp, gpg, jabber, alternate backing stores, interfacing with standard mailbox types: mbox, Maildir, etc) If you want to play with it before I release it to CPAN, you can get a copy here: http://adiraj.org/sw/Apache-WebMessaging/Apache-WebMessaging-0.80pre1.tar.gz TIA for any comments, -Adi
Re: full-featured online database apps
For example, what I'm looking for are other projects similar to Gedafe: http://isg.ee.ethz.ch/tools/gedafe/ but maybe with a more customizable front-end. -Adi
full-featured online database apps
Does anyone know of a good customizable, user-friendly, online database application, preferably mod_perl-based? I want to migrate a small Access database to MySQL with a web interface, for added features and room for growth. Has anyone come across a good open source project or toolkit that would make this job really easy? TIA, -Adi
Re: loss of shared memory in parent httpd
Yes, this is my theory also. I figured this out a while back, and started a thread on this list, but since then haven't had enough time to investigate it further. The thread is here: http://mathforum.org/epigone/modperl/wherdtharvoi which includes some helpful hints from Doug on how to call mlockall() from the mod_perl parent process. HTH.. I'm very curious to know if this works. -Adi Ed Grimm wrote: > > I believe I have the answer... > > The problem is that the parent httpd swaps, and any new children it > creates load the portion of memory that was swaped from swap, which does > not make it copy-on-write. The really annoying thing - when memory gets > tight, the parent is the most likely httpd process to swap, because its > memory is 99% idle. This issue aflicts Linux, Solaris, and a bunch of > other OSes. > > The solution is mlockall(2), available under Linux, Solaris, and other > POSIX.1b compliant OSes. I've not experimented with calling it from > perl, and I've not looked at Apache enough to consider patching it > there, but this system call, if your process is run as root, will > prevent any and all swapping of your process's memory. If your process > is not run as root, it returns an error. > > The reason turning off swap works is because it forces the memory from > the parent process that was swapped out to be swapped back in. It will > not fix those processes that have been sired after the shared memory > loss, as of Linux 2.2.15 and Solaris 2.6. (I have not checked since > then for behavior in this regard, nor have I checked on other OSes.) > > Ed > > On Thu, 14 Mar 2002, Bill Marrs wrote: > > > >It's copy-on-write. The swap is a write-to-disk. > > >There's no such thing as sharing memory between one process on disk(/swap) > > >and another in memory. > > > > agreed. What's interesting is that if I turn swap off and back on again, > > the sharing is restored! So, now I'm tempted to run a crontab every 30 > > minutes that turns the swap off and on again, just to keep the httpds > > shared. No Apache restart required! > > > > Seems like a crazy thing to do, though. > > > > >You'll also want to look into tuning your paging algorithm. > > > > Yeah... I'll look into it. If I had a way to tell the kernel to never swap > > out any httpd process, that would be a great solution. The kernel is > > making a bad choice here. By swapping, it triggers more memory usage > > because sharing removed on the httpd process group (thus multiplied)... > > > > I've got MaxClients down to 8 now and it's still happening. I think my > > best course of action may be a crontab swap flusher. > > > > -bill
[ANNOUNCE] ApacheBench 0.62 released
In my ongoing effort to bring the ApacheBench module up to date with the ab distributed with Apache, here is another release. This one mainly incorporates * support for HTTP Keep-Alive feature, * support for HTTP HEAD requests, * global and per-run time limits, * accurate tallying of sent, good, and failed requests (previously these were fudged) * a few small bug fixes. Please see the Changes file for complete details. Happy benchmarking! -Adi
[ANNOUNCE] ApacheBench 0.62 released
In my ongoing effort to bring the ApacheBench Perl module up to date with the ab distributed with Apache, here is another release. This one mainly incorporates * support for HTTP Keep-Alive feature, * support for HTTP HEAD requests, * global and per-run time limits, * accurate tallying of sent, good, and failed requests (previously these were fudged) * a few small bug fixes. Please see the Changes file for complete details. Happy benchmarking! -Adi
Re: Apache Bench
I got an e-mail a while back from one of the CPAN testers that my Perl API version of ApacheBench worked on Cygwin. I don't know how that compares to straight NT/2000, but you might try compiling ab with Cygwin. Since my code is based on ab, in theory ab should also work on Cygwin. You could also just use the my Perl version of ab which has most of the same functionality as ab. Let me know if it works for you. -Adi Joshua Chamas wrote: > > Last I checked, ab which comes with Apache, had not yet been ported > to NT/2000 officially. However, there does seem to be a port > available here: > > http://www.remotecommunications.com/apache/ab/ > > Upon testing their precompiled version however, I found that > that it doesn't seem to work too well, in that it can only > do some 1 request per 4 seconds :( > > -- Josh > _ > Joshua Chamas Chamas Enterprises Inc. > NodeWorks Founder Huntington Beach, CA USA > http://www.nodeworks.com1-714-625-4051
Re: [challenge] new mod_perl site
Nick Tonkin wrote: > > No one doubts your commitment to mod_perl, or your hard -- and unpaid > -- work on the guide and many other things. But if you want to be a leader > who inspires people to collaborate and work as a team under your > direction, you'd do well to work on bringing your people skills up to par > with your technical skills, IMHO. > > Have a nice day :) > > -nick Personally, I think Stas is a doing a fine job as a leader. Even if he is getting paid now, I'm sure he is still *under* paid for what he's doing. Most of us don't even notice all the things he is doing behind the scenes. Remember he is juggling many tasks now, whereas most of us only contribute a single piece of the puzzle. With a single polite e-mail he inspired me to bring the ApacheBench module up-to-date, which had gotten way out of date (from the newest ab) due to my laziness. BTW Stas, the next update with Keep-Alives is almost ready. Next will be authentication and proxy support, then SSL support. my 2c. -Adi -- We are Linux. Resistance is an indication that you missed the point.
[ANNOUNCE] ApacheBench 0.61 released
I've released a new version of ApacheBench, the Perl API to Apache's ab tool with added features that make it usable for regression testing as well as benchmarking. I am trying to keep up (catch up) with Apache's work on ab, so expect more releases soon. changes since 0.60: * bugfixes: - fixed a segmentation faults that occurred when custom Content-type: headers were used - fixed bug that prevented Host: lines to be read by server, which broke requests to virtual hosts * better error checking to eliminate configuration related segfaults * arbitrary headers can now be added to HTTP requests * removed 512 byte hard-coded maximum size of HTTP requests; now requests can be arbitrarily large * all HTTP requests are now stored and accessible via regression methods * improved documentation Have fun! Adi -- The uploaded file ApacheBench-0.61.tar.gz has entered CPAN as file: $CPAN/authors/id/A/AD/ADIRAJ/ApacheBench-0.61.tar.gz size: 54512 bytes md5: ea5c2e1ff8c1c455917bcad8b5d725e6 No action is required on your part Request entered by: ADIRAJ (Adi Fairbank) Request entered on: Tue, 23 Oct 2001 04:20:01 GMT Request completed: Tue, 23 Oct 2001 04:21:15 GMT Virtually Yours, Id: paused,v 1.74 2001/05/20 14:59:52 k Exp k
Re: [OT] Re: DB_File needs compatible versions
I had this problem also with redhat 7.1, and I fixed it the same way. I believe it is caused by loading two different versions of the same shared object into the Apache webserver. In my case, I was loading one version (db2) of berkeley db with: LoadModule db_auth_module modules/mod_auth_db.so and then a different version with DB_File.so inside mod_perl. If you leave the /usr/include/db.h pointing to db3/db.h when you compile DB_File, it results in a version 3 DB_File.so object. Another solution would probably be to comment out the LoadModule statement in your .conf. But that would only work if you don't need it for anything. -Adi [EMAIL PROTECTED] wrote: > > I have seen this one before, you will have to recompile DB_File.pm. Maybe > someone can shade some light of why this happen, anyways here's how I fix it. > > 1) I changed the symlink of db.h under /usr/include (btw, I'm using redhat 7.1) > and point it to db2/db.h > i.e. lrwxrwxrwx1 root root8 Jul 12 11:05 db.h -> db2/db.h > > 2) untar the source of db_file.pm and modify the config.in file > - change the value of INCLUDE to /usr/include > - change the value of LIB to /usr/lib > - change the value of DBNAME to -db2 > > 3) save and compile, install the source. > > -I have choose to use BerkelyDB 2 instead of 3, since I still have some berkely > db file generated with BerkelyDB2. > > -I am not completely sure if this will cause any harm to the system (especially > the symlink part), but so far, everything works just fine for me. > > Good luck. > > Tor. > > Robin Berjon wrote: > > > On Tuesday 02 October 2001 20:19, [EMAIL PROTECTED] wrote: > > > When I go to start apache with my startup.pl file it fails and says > > > > > > DB_File needs compatible versions of libdb & db.h > > > you have db.h version 3.1.17 and libdb version 2.4.14 > > > > Go to http://www.sleepycat.com, grab the latest BerkeleyDB, install it, > > re-install the Perl module DB_File, and try again. It's likely that RH messed > > these up somewhere. Otherwise, check that your includes and library paths are > > in sync (some versions of BerkeleyDB use different paths). > > > > -- > > ___ > > Robin Berjon <[EMAIL PROTECTED]> -- CTO > > k n o w s c a p e : // venture knowledge agency www.knowscape.com > > --- > > Radioactive cats have 18 half-lives.
Re: [OT] New Micro$oft vulnerability?
I wish someone would just write a worm that would put these IIS machines out of their misery and stop causing the rest of us such a headache. Nick Tonkin wrote: > > Sorry for the off-topic post; there was a lot of discussion here of > CodeRed and Reuven's module to report attempted attacks. > > Since this a.m. I have had hundreds of requests like: > > /scripts/root.exe?/c+dir > /MSADC/root.exe?/c+dir > /c/winnt/system32/cmd.exe?/c+dir > /d/winnt/system32/cmd.exe?/c+dir > /scripts/..%5c../winnt/system32/cmd.exe?/c+dir > /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir > /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir > > etc. > > They seem to come in batches of a dozen or more with slight variations in > the URI requested. I am thinking about adding support to CodeRed.pm (which > should probably be renamed if so) to report these attacks via e-mail in > the same way it does for CodeRed. Any interest in that? Or any info on > these bogus requests? > > ~~~ > Nick Tonkin
Re: "Callback called exit." x 100000
I had this problem a while back and it turned out to be an infinite loop in my code. I found it by writing in better logging mechanisms which pinpointed exactly where the infinite loop was. HTH, Adi Christoph Bergmann wrote: > > Hi... > > I have a problem with an apache_mod_perl-server which flushes the > httpd.error_log-file with the following lines: > > Attempt to free unreferenced scalar during global destruction. > Attempt to free unreferenced scalar during global destruction. > Attempt to free unreferenced scalar during global destruction. > Attempt to free unreferenced scalar during global destruction. > Out of memory! > Callback called exit. > Callback called exit. > Callback called exit. > Callback called exit. > Callback called exit. > Callback called exit. > Callback called exit. > Callback called exit. > ...etc. > > The last line "Callback called exit." is repeated a million times until > the whole disc is full. It happens from time to time, I can't say when. > Maybe it has something to do with heavy load, the webserver has about 10 > hits / second, in peak times more. > > I'm not sure it has _definitely_ something to do with mod_perl, but I > guess so, because of the "Attempt to free unreferenced scalar during > global destruction." lines before... > > Does anybody know what happens here and what to do? > > Thanx in advance! > > Best regards, > > Christoph Bergmann
Re: Apache::Session::File and free memory weirdness
Perrin Harkins wrote: > > > Odd thing #1: As it gets into evening time, load on the machine drops off > > and there are fewer httpd children running, but I am not seeing free > > memory return to that 1.3GB level. At most it comes back up to 400MB or > > so. I don't think the httpd children are hanging on to memory, because > > they cycle through pretty quickly - MaxRequestsPerChild is set to 512 and > > none of the processes are ever more than a couple minutes old when I look > > in. Is there any reason to think the parent httpd process would hang on > > to anything? > > I have noticed that over time the new processes will spawn with less memory > shared. I'm not sure exactly why this is, but it does seem to happen. A > nightly complete restart of the server will reset things, but you may not > have that option. > I have noticed this also. I have a theory about its cause, but I haven't had the free time to hack with it yet. My theory is that when the VM subsystem swaps pages of the mod_perl parent process, those pages become forever unshared (even after they return to memory from swap). So I was going to test the mlockall() Linux system call to see if it made a difference. (Search the archives for "mlockall"). However, I am using the Linux platform - the VM behavior may be totally different on Solaris. If anyone else has some time to play with mlockall() on Linux, I'd like to know the results. It'll be a few more weeks till I get a chance. -Adi
Re: ODBC for Apache
Joshua Chamas wrote: > > "Castellon, Francisco" wrote: > > > > Hi I am running on Windows98SE, Apache 1.20, mod_perl 1.25, php 4.0.6, and > > have the latest Apache::ASP installed and have Activestate's Perl installed > > (build 626). > > > > I want to be able to access, Oracle, SQL and MSAccess databases as well as a > > couple of other Databases that support ODBC. I want to access these DBs from > > my apache server. What do i need?? > > > > DBD::ODBC is your ticket, running under DBI > http://dbi.symbolstone.org/ > > You can probably install DBD::ODBC for Activestate perl with > the ppm installer, as they will likely already have compiled > it for you. Apache::DBI is installed with CPAN. > What's the stability of DBD::ODBC like? It claims to be alpha software. Does anyone have any experience with it in a production environment? Is it at least stable with MS SQL server? -Adi
Re: swapping of mod_perl parent process / mlockall()
Doug MacEachern wrote: > > On Tue, 26 Jun 2001, Adi Fairbank wrote: > > > > > If this is the case, it would be helpful to prevent the parent process from > > *ever* swapping to disk. > > > > The Linux kernel has a system call mlockall() which disables all memory > > paging for the current process. This sounds like exactly the recipe for > > preventing parent process swapping. It won't affect spawned child > > processes, so shouldn't pose a threat of consuming all physical memory and > > crashing the system. > > > > I want to play around with this, but I'm not sure where in the mod_perl > > source to call mlockall(). It would need to be before the parent spawns any > > children.. Has anyone tried using Linux's mlockall()/mlock() with mod_perl? > > according the manpage: > "Child processes do not inherit page locks across a fork." > > so you would need to call it in a child init handler, but: > "Only root processes are allowed to lock pages." Actually, I don't want child processes to inherit the page locks across a fork. I just wanted to experiment with performance issues when only the parent process is locked in memory. (I have a theory that when the parent process swaps to disk, the swapped pages become unshared for the rest of the server's life) I was hoping you could give me a hint as to where in the source code I could call mlockall(), e.g. file mod_perl.c, line NNN.. Thanks, -Adi
swapping of mod_perl parent process / mlockall()
Is it correct that when the Apache/mod_perl parent process swaps to disk, a large part of it (swapped pages) becomes unshared? Even after the kernel restores the pages from swap, do they remain unshared? So once the parent process becomes unshared, new apache children that are spawned only share the parent's pages that have never been swapped? This is what I've grok'ed from my experiments with top/GTop. If this is the case, it would be helpful to prevent the parent process from *ever* swapping to disk. The Linux kernel has a system call mlockall() which disables all memory paging for the current process. This sounds like exactly the recipe for preventing parent process swapping. It won't affect spawned child processes, so shouldn't pose a threat of consuming all physical memory and crashing the system. I want to play around with this, but I'm not sure where in the mod_perl source to call mlockall(). It would need to be before the parent spawns any children.. Has anyone tried using Linux's mlockall()/mlock() with mod_perl? -Adi
Re: Real Widgets and Template Languages
Stephen, I read your proposal and I like it a lot. I will help filling out the HTML::Widget::HTML* space (in your package structure suggestion). However, I like Gunther's suggestion for a namespace of Widget:: better than HTML::Widget::, because it will not be exclusively HTML, but WML, JS10, etc. But either one is fine with me. Sounds fun! -Adi Stephen Adkins wrote: > > Hi, > > I will step up to write this code. (if it is what I think it is) > I have responded to the message by beginning a requirements document. > >http://www.officevision.com/pub/HTML-Widget/ > > Please read it and send me any comments.
Re: Real Widgets and Template Languages
Gunther, I have been interested in the concept of an HTML widget module for a while now. The reason being, my application currently generates all HTML using CGI.pm in a mod_perl handler OO-style design, and we are starting to notice patterns.. similar pieces of HTML that get generated over and over. Needless to say, componentized, reusable widgets would be very useful for us. Though I can't make the commitment of writing it myself (if I did, it would be about 6 months before you saw any code), I would definitely contribute to it, if it existed. And like you said, the hard part is getting people to write the widget objects. -Adi
Re: an unusual [job request] + taking mod_perl to the commercialworld
On Sat, 28 Apr 2001, Gunther Birznieks wrote: [text cut] > > So for Adi -- I think the messaging server is great and I am sure it is > cool and works well. And I am sure there are people on this list who will > benefit. But unless your company makes the healthcare system itself open > source, then it's another application that we don't have to make people > interested in using mod_perl from the application side. > [text cut] > > The problem is that most company's that spend the time to write an app > based on Java close-source that app. The same thing is true of the mod_perl > world if things like Adi's healthcare system or SmartWorker's OpenDesk > remain closed systems. I know that they consider it their business model to > have to keep these closed source. But it also means less applications on > top of mod_perl to entice the masses to it. > Thanks Gunther, We actually have discussed releasing our entire application open source. I personally would love to release it, being the chief architect, but there are other people involved who have put in a lot of work (directional/advisement/guidance... not coding) who would not benefit nearly as much as I would from it being open source. Also, as a company we have to evaluate what the best option is financially. We are currently a pretty low-budget operation, and if we release it what will prevent someone with deep pockets to come along, take it, and then dump tons of money into marketing it under a different brand name? I'm sure we could devise a license that would prevent such an occurrence, but it would have to be a pretty restrictive license, which would in itself limit the interest in the software. I know releasing it open source would get plenty of interest from developers, but would it generate interest from potential customers? We concluded that it probably wouldn't make much difference since healthcare is in general way behind the technology curve. Most people in healthcare haven't even heard of Linux yet. (that may be a bit of an exaggeration, but not too much) In any case, we are still planning on releasing it eventually - to allow it to grow beyond what our in-house development crew is capable of. We really are just waiting to gain some significant market share and brand recognition in order to make it more difficult for someone to take our software and compete with us directly. We also need to rewrite parts of it and document it. I personally would be embarassed if the open source community saw certain parts of it. :-) Any comments are much appreciated. Cheers, -Adi
Re: an unusual [job request] + taking mod_perl to the commercialworld
On Fri, 27 Apr 2001, Jeffrey W. Baker wrote: > > > On Sat, 28 Apr 2001, Gunther Birznieks wrote: > > > Well, you know how I feel. :) But the others don't so... > > > > I believe the most crucial and missing approach is to put resources into > > making ready-made applications that work on mod_perl rather than core > > mod_perl itself. This is also a problem on Linux, but that's another story. > > A quantity of applications for mod_perl or that demonstratively show that > > using mod_perl is a benefit (ie fast) is necessary (and I don't mean tech > > products like AxKit -- which are great but not what I am talking about) > > I will be demonstrating a canned micropayment system at O'Reilly in San > Diego this year. The reference implementation for the content provider > uses mod_perl. I think you are right that most people in non-tech > business want a solution that works immediately, rather than a toolbox. > The toolbox is already there with Apache, mod_perl, and DBI, now > application developers can just step up and deliver. > My company has developed an internal messaging application that is written as mod_perl handler / DBI / CGI. It is like the internal messaging systems you see at trading sites like etrade, but more featureful... it supports sending messages to other users on the system, attaching files, and SMTP connectivity. It was designed for use by healthcare parties who require a secure environment (we run it behind our SSL server). We are planning on releasing it as soon as we can fully separate it from the rest of our code. Mostly just wanted to let people know in case they were in need of something like this and were thinking of developing it themselves. Cheers, - Adi
Re: mod_perl shared memory with MM
Sean, Yeah, I was thinking about something like that at first, but I've never played with named pipes, and it didn't sound too safe after reading the perlipc man page. What do you use, Perl open() calls, IPC::Open2/3, IPC::ChildSafe, or something else? How stable has it been for you? I just didn't like all those warnings in the IPC::Open2 and perlipc man pages. -Adi Sean Chittenden wrote: > > The night of Fat Tuesday no less... that didn't help any > either. ::sigh:: > > Here's one possibility that I've done in the past becuase I > needed mod_perl sessions to be able to talk with non-mod_perl > programs. I setup a named bi-directional pipe that let you write a > query to it for session information, and it wrote back with whatever > you were looking for. Given that this needed to support perl, java, > and c, it worked _very_ well and was extremely fast. Something you > may also want to consider because it keeps your session information > outside of apache (incase of restart of apache, or desire to > synchronize session information across multiple hosts). > > -sc >
Re: mod_perl shared memory with MM
Sean Chittenden wrote:
>
> > > Is there a way you can do that without using Storable?
> >
> > Right after I sent the message, I was thinking to myself that same
> > question... If I extended IPC::MM, how could I get it to be any
> > faster than Storable already is?
>
> You can also read in the data you want in a startup.pl file
> and put the info in a hash in a global memory space
> (MyApp::datastruct{}) that gets shared through forking (copy on write,
> not read, right?). If the data is read only, and only a certain size,
> this option has worked _very_ well for me in the past. -sc
>
Yeah, I do use that method for all my read-only data, but by definition the
persistent session cache is *not* read-only... it gets changed on pretty much
every request.
-Adi
Re: mod_perl shared memory with MM
Perrin Harkins wrote: > > Adi Fairbank wrote: > > > > I am trying to squeeze more performance out of my persistent session cache. In > > my application, the Storable image size of my sessions can grow upwards of > > 100-200K. It can take on the order of 200ms for Storable to deserialize and > > serialize this on my (lousy) hardware. > > > > I'm looking at RSE's MM and the Perl module IPC::MM as a persistent session > > cache. Right now IPC::MM doesn't support multi-dimensional Perl data > > structures, nor blessed references, so I will have to extend it to support > > these. > > Is there a way you can do that without using Storable? Right after I sent the message, I was thinking to myself that same question... If I extended IPC::MM, how could I get it to be any faster than Storable already is? Basically what I came up with off the top of my head was to try to map each Perl hash to a mm_hash and each Perl array to a mm_btree_table, all the way down through the multi-level data structure. Every time you add a hashref to your tied IPC::MM hash, it would create a new mm_hash and store the reference to that child in the parent. Ditto for arrayrefs, but use mm_btree_table. If this is possible, then you could operate on the guts of a deep data structure without completely serializing and deserializing it every time. > If not, maybe > you should look at partitioning your data more, so that only the parts > you really need for a given request are loaded and saved. Good idea! That would save a lot of speed, and would be easy to do with my design. Silly I didn't think of that. > > I'm pleased to see people using IPC::MM, since I bugged Arthur to put it > on CPAN. However, if it doesn't work for you there are other options > such as BerkeleyDB (not DB_File) which should provide a similar level of > performance. Thanks.. I'll look at BerkeleyDB. -Adi
mod_perl shared memory with MM
I am trying to squeeze more performance out of my persistent session cache. In my application, the Storable image size of my sessions can grow upwards of 100-200K. It can take on the order of 200ms for Storable to deserialize and serialize this on my (lousy) hardware. I'm looking at RSE's MM and the Perl module IPC::MM as a persistent session cache. Right now IPC::MM doesn't support multi-dimensional Perl data structures, nor blessed references, so I will have to extend it to support these. My question is: is anyone else using IPC::MM under mod_perl? .. would you if it supported multi-dimensional Perl data? My other question is: since this will be somewhat moot once Apache 2.0 + mod_perl 2.0 are stable, is it worth the effort? What's the ETA on mod_perl 2.0? Should I spend my effort helping with that instead? Any comments appreciated, -Adi
[OT] Re: mkdir function syntax
Chriss, Please mark your subject [OT] for off-topic in the future, as this is not a mod_perl question, but a general Perl question and probably should be taken to one of the comp.lang.perl.* newsgroups anyway. In the good natured spirit of the mod_perl community, I'll answer the question anyway. replace 14 MKDIR ($makeDirectoryDocs$ProjectNumber); 15 16 MKDIR ($makeDirectoryImages$ProjectNumber); with 14 mkdir ($makeDirectoryDocs.$ProjectNumber, 0755); 15 16 mkdir ($makeDirectoryImages.$ProjectNumber, 0755); On my platform, mkdir must be lowercase, but maybe not on yours. It also requires a second MODE parameter, but likely not on the mac. You'll also need to change 22 to 22 in order for CGI.pm to get your ProjectNumber correctly. -Adi
Re: [ANNOUNCE] Apache::SOAP 0.47 (mod_soap)
Paul, I've done some work on Keith Brown's SOAP module, and I like its design, but one thing I noticed is that it is slow. Even under mod_perl, it can take up to 1 second(!) to serialize a large data structure. I believe the reason is that it makes method calls for every element in the Perl data structure, and method calls in Perl are inefficient due to the symbol table lookups and @ISA checking. So the larger the data structure the worse the performance. (I added array support to it and tested an array of 200 values, which took ~1 sec to serialize under mod_perl). I'd be interested in speed comparisons between SOAP and SOAP::Lite. I've looked at your code, but not actually run it. It doesn't look like you use recursive method calls the way Keith does. Have you done any benchmarks on large data structure serialization? I assume deserialization performance will be roughly equivalent for SOAP vs. SOAP::Lite since they both use XML::Parser. I read the PERFORMANCE section on base64 encoding, but it didn't mention serialization speed. I am currently using SOAP, because I like the DM design, but I would switch to SOAP::Lite if its serialization speed is significantly better. Cheers, -Adi Paul Kulchenko wrote: > > > you are dedicated to supporting the full SOAP API (not sure what > > SOAP::Lite leaves out). > First thing I did seven months ago was my email to Keith Brown > (author of DM's SOAP/Perl module) about possible ways for cooperation > and I'v been told that he's willing to, but design of his module > should be consistent with other DM's implementations and he has no > plans to change it. There was no easy way to combine our efforts and > I came up with another implementation. Don't want to praise myself, > but feature set seems to be pretty comparable with other toolkits. I > took ::Lite, just because SOAP namespace was already taken. It does > much more than you can expect from something with suffix Lite. "Lite > suffix reflects number of calories you should spend using this > module". >
[ANNOUNCE] ApacheBench 0.60
The uploaded file
ApacheBench-0.60.tar.gz
has entered CPAN as
file: $CPAN/authors/id/A/AD/ADIRAJ/ApacheBench-0.60.tar.gz
size: 51190 bytes
md5: e2325d7f89e32fecb6f76643ae38f7ed
No action is required on your part
Request entered by: ADIRAJ (Adi Fairbank)
Request entered on: Fri, 23 Feb 2001 20:03:29 GMT
Request completed: Fri, 23 Feb 2001 20:04:51 GMT
Significant new features since 0.52:
- much better OO API
- new memory level setting to store only certain information
about each regression run (meant to reduce memory usage)
- customizable Content-type: headers in http requests
(need content type "text/xml" for soap and xml/rpc)
NAME
HTTPD::Bench::ApacheBench - Perl API for Apache
benchmarking and regression testing.
SYNOPSIS
use HTTPD::Bench::ApacheBench;
my $b = HTTPD::Bench::ApacheBench->new;
# global configuration
$b->concurrency(5);
$b->priority("run_priority");
# add HTTP request sequences (aka: runs)
my $run1 = HTTPD::Bench::ApacheBench::Run->new
({ urls => ["http://localhost/one", "http://localhost/two"] });
$b->add_run($run1);
# send HTTP request sequences to server and time responses
my $ro = $b->execute;
# calculate hits/sec
print (1000*$b->total_requests/$b->total_time)." req/sec\n";
GOALS
This project is meant to be the foundation of a complete
benchmarking and regression testing suite for an advanced,
transaction-based mod_perl site. We need to be able to
stress our server to its limit while also having a way to
verify the HTTP responses for correctness. Since our site
is transaction-based (as opposed to content-based), we
needed to extend the single-URL ab model to a multiple-URL
sequence model.
ApacheBench is based on the Apache 1.3.12 ab code
(src/support/ab.c).
...
see the pod for full documentation
Re: Response time under mod_perl
Michael Fuhr wrote: > > On Fri, Dec 08, 2000 at 02:57:33AM -0200, Edmar Edilton da Silva wrote: > > > I need to know the response time of a Perl script running under > > mod_perl. To do this I need a function that it's returns the current time > > of the system in milliseconds. Please, have anyone any idea what function I can >use? > > Try the Time::HiRes module on CPAN. > Or HTTPD::Bench::ApacheBench if you want to see response time from the perspective of the client. -Adi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache User Creation
Manhar, HTTPD-User-Manage is exactly what you're looking for. Get it from CPAN at: http://www.cpan.org/modules/by-authors/id/L/LD/LDS/HTTPD-User-Manage-1.54.tar.gz -Adi > Manhar Goindi wrote: > > Hi, > > Are there any APIs available in Apache modperl which can be used to create > Apache users in Perl/CGI scripts? Are there any ways (I mean through APIs) to > delete these created Apache users and modify the passwords of these Apache > users? We would appreciate a lot of help in this area. If this is not the > right forum pertaining to this discussion, then could you send me the e-mail > address of the forum where I can pose my queries? > > > Thanks & Best Regards, > Manhar Goindi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AuthCookie
Check your apache logs.. I don't think your server is actually sending the protected page, Netscape is showing you a cached version. I think this is a bug in Netscape 4.7 (for linux anyway), because that happens to me occasionally even with "Cache-Control: no-cache" and no "Expires:" header. If you click reload, it will actually hit the server and show you your login script page again. HTH, -Adi Kiran Kumar wrote: > > Hi, > I have Installed AuthCookie Module but it does not work on netscape (4.7) > but works on IE . >In netscape after I logout and later i request a protected page i still > get the page ,Can anyone help me on this . > > Thanks in advance > > Kiran > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: two identical directives in configuration (doc patch included)
Dave Kaufman wrote:
>
> "Adi Fairbank" <[EMAIL PROTECTED]> wrote:
> > Dave Kaufman wrote:
> > >
> > > $Location{"blah"} = {
> > > require => "group payer_manager, payer_group demo"
> > > };
> > > should do the trick.
> >
> > I wrote:
> > > Thanks, that fixed it.
> >
> > Actually, no that didn't fix it!
> > $r->requires
> > returns
> > [{ 'group' => "payer_manager, payer_group demo"}]
>
> d'oh! we have the syntax wrong to begin with.
>
> http://www.apache.org/docs/mod/core.html#require says:
>
Yes, but I'm using Apache::AuthCookie, which allows you to implement your own
require methods. Theoretically, I could have as many require'ments as I write
perl methods in the PerlAuthzHandler.
require group payer_manager
require payer_group demo
require user_ip 127.0.0.1
require dayofweek wednesday
etc..
This is why it would be useful for sections to support:
$Location{"blah"} = {
require => ["req 1", "req 2", "req 3", "req 4", ..]
};
-Adi
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: two identical directives in configuration (doc patch included)
Dave Kaufman wrote:
>
> i belive it is. in fact, i didn't realize specifing two require coditions (one
>group and one user) worked on *separate* lines :)
>
> something like:
>
> $Location{"blah"} = {
> require => "group payer_manager, payer_group demo"
> };
>
> should do the trick.
>
> -dave
I wrote:
> Thanks, that fixed it.
Actually, no that didn't fix it!
$r->requires
returns
[{ 'group' => "payer_manager, payer_group demo"}]
for the above $Location{} directive. It does no comma separation. I guess the
only workaround is to split on comma after calling $r->requires (in the Auth
handler).
This is definitely not ideal.. I think we should fix this in perl_config.c.
Basically I think there should be some straightforward way to have two (or more)
require statements in $Location{} directives. The most logical seems to be what
Tom suggested:
require => ["group payer_manager", "payer_group demo"]
I'd be happy to submit patches if I got a go ahead from Doug that this would be
useful.
-Adi
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: two identical directives in configuration (doc patch included)
Dave Kaufman wrote:
>
> i belive it is. in fact, i didn't realize specifing two require coditions (one
>group and one user) worked on *separate* lines :)
>
> something like:
>
> $Location{"blah"} = {
> require => "group payer_manager, payer_group demo"
> };
>
> should do the trick.
>
> -dave
Thanks, that fixed it.
One thing I noticed through all this, is I think the mod_perl documentation is
wrong.. I don't think the following is supported...
DirectoryIndex => [qw(index.html index.htm)],
... unless DirectoryIndex is a special case.
>From perl_config.c:
1148 #define SECiter_list(t) \
1149 { \
1150 I32 i; \
1151 for(i=0; i<=AvFILL(entries); i++) { \
1152 SV *rv = *av_fetch(entries, i, FALSE); \
1153 HV *nhv; \
1154 if(!SvROK(rv) || (SvTYPE(SvRV(rv)) != SVt_PVHV)) \
1155 croak("not a HASH reference!"); \
1156 nhv = newHV(); \
1157 hv_store(nhv, (char*)key, klen, SvREFCNT_inc(rv), FALSE); \
1158 tab = nhv; \
1159 t; \
1160 SvREFCNT_dec(nhv); \
1161 } \
1162 entries = Nullav; \
1163 continue; \
1164 }
lines 1154-1155 will cause it to croak if any array value in entries is not a
hashref, so an arrayref of scalars (e.g. DirectoryIndex => [qw(index.html
index.htm)]) won't work.
Am I wrong here? I did some simple tests which confirmed my suspicions, but I
may still be missing something.
Below is a documentation patch that I think will prevent other people's
confusion in the future:
Index: mod_perl.pod
===
RCS file: /home/cvspublic/modperl/mod_perl.pod,v
retrieving revision 1.20
diff -u -r1.20 mod_perl.pod
--- mod_perl.pod2000/03/05 23:46:30 1.20
+++ mod_perl.pod2000/11/17 23:18:54
@@ -618,7 +618,7 @@
AuthUserFile => '/tmp/htpasswd',
AuthType => 'Basic',
AuthName => 'test',
- DirectoryIndex => [qw(index.html index.htm)],
+ DirectoryIndex => 'index.html index.htm',
Limit => {
METHODS => 'GET POST',
require => 'user dougm',
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: two identical directives in configuration
No I tried that (sorry I should have said so). I think:
$Location{"blah"} = {
require => ["group payer_manager", "payer_group demo"]
};
is equivalent to:
require group payer_manager payer_group demo
but I'm not sure. In any case, it doesn't work. Maybe I'll have a looksee at
the source code.
-Adi
Tom Lancaster wrote:
>
> I think require => ["group payer_manager", "payer_group demo"] should do it.
>
> On Fri, Nov 17, 2000 at 01:11:09PM -0500, Adi Fairbank wrote:
> > Say I have a $Directory{} configuration in a section like so:
> >
> > $Directory{"/home/httpd/html-ssl/demo"} = {
> > SetHandler => "perl-script",
> > PerlAuthenHandler => "Authen",
> > PerlAuthzHandler => "Authz",
> > require => "group payer_manager",
> > require => "payer_group demo",
> > };
> >
> > Obviously this won't work because the second "require => " directive will
> > clobber the first. So what's the workaround? I couldn't think of what the
> > logical perl translation to having two require directives would be...
> >
> > -Adi
> >
> > -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
>
> --
> Tom Lancaster Red Hat, Inc.
> Web Engineer(415) 777-9810 x 228
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
two identical directives in configuration
Say I have a $Directory{} configuration in a section like so:
$Directory{"/home/httpd/html-ssl/demo"} = {
SetHandler => "perl-script",
PerlAuthenHandler => "Authen",
PerlAuthzHandler => "Authz",
require => "group payer_manager",
require => "payer_group demo",
};
Obviously this won't work because the second "require => " directive will
clobber the first. So what's the workaround? I couldn't think of what the
logical perl translation to having two require directives would be...
-Adi
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL/encryption & mod_perl
"B. Burke" wrote: > > I've got a question related to encryption and mod_perl. I'm running > an apache mod_perl server (AIX and Linux platforms) to serve HTML > forms, query backend databases, and print formatted results. I currently > use .htaccess for authentication, although this will probably change. > > My problem is that the user/pass info. and much of the data is > sensitive, and I'm looking for a way to implement SSL or encryption. > > If anyone can point me in the right direction for implementing > encryption that is compatible with apache/mod_perl, I'd appreciate > it. Use RSE's excellent open-source SSL software. http://www.modssl.org/ http://www.openssl.org/
Re: how to really bang on a script?
"Christopher L. Everett" wrote:
>
> Adi wrote:
> >
> > martin langhoff wrote:
> > >
> > > Chris,
> > >
> > > i'd bet my head a few months ago someone announced an apache::bench
> > > module, that would take a log and run it as a benchmarking secuence of
> > > HTTP requests. just get to the list archives and start searching with
> > > benchmarks and logs. CPAN is your friend, also.
> >
> > It was HTTPD::Bench::ApacheBench. It is a Perl API to ab. It doesn't take a
> > log per se, it simply sends sequences of HTTP requests and benchmarks the
> > results. I'm sure you could very easily write a script to parse a log and then
> > make a benchmarking run out of it.
>
> Yes, I considered ab and I did find HTTPD::Bench::ApacheBench, while
> excellently
> done and copiously documented, isn't quite what I need:
>
> 1) I want to spoof the IP addresses of the browsers (I just realized
> that
>since I'm using mod_proxy_add_forward anyway, I can make the
> requester
>script behave as a proxy; the rest is cookbook). I can't find
> provision
>for that in the interface for HTTPD::Bench::ApacheBench.
Yeah, that would require adding arbitrary HTTP headers to each benchmark
request... that's currently on our to-do list (I think).
> 2) Record the query parameters as well as the response's MD5 checksum
>directly in a database table on the fly.
This is all possible with ApacheBench. It wouldn't be stored in real-time (i.e.
as the request is sent) but you set up the benchmarking runs, so you know all
the query parameters (which are all either in the URI or the postdata for each
request), and ApacheBench returns all the response data, which you can then pass
thru an MD5 hash and store in the database.
> 3) The interface is more suited to setting up, then executing a batch
> run
>programmatically, rather than replaying a log.
Right.. it was designed to be generally useful. To replay a log you simply need
to set up a batch that exactly duplicates your log.
>
> Having examined the ApacheBench.pm source, I don't see how I can make it
> do
> what I want by subclassing it. Also the code is a little bit mystifying
I didn't really intend it to be subclassed, because basically all it is is a
single XS function with a little perl to set it up and store the results. You
should be able to inherit it's methods if you want, though I don't see what it
would get you over just instantiating an ApacheBench object.
package MyModule;
@ISA = qw(HTTPD::Bench::ApacheBench);
MyModule->add({urls => ["http://url.one/", "http://url.two/"]});
my $r = MyModule->execute;
> to
> me in that the last line in the execute method, "return $self->ab;" is
> the
> only mention of the class method "ab" in the entire file. Obviously I
That's because "ab" is the XS function that sends the HTTP requests and builds
up a hash with all the response data and times. All the looping is done in C
for speed. Take a look at ApacheBench.xs. (especially if you feel like adding
the arbitrary HTTP request header functionality, hint hint :)
> have
> _much, much_ more to learn ... :)
No, actually you pointed out some good feature additions that we should think
about making to ApacheBench. Thanks.
-Adi
Re: how to really bang on a script?
martin langhoff wrote: > > Chris, > > i'd bet my head a few months ago someone announced an apache::bench > module, that would take a log and run it as a benchmarking secuence of > HTTP requests. just get to the list archives and start searching with > benchmarks and logs. CPAN is your friend, also. It was HTTPD::Bench::ApacheBench. It is a Perl API to ab. It doesn't take a log per se, it simply sends sequences of HTTP requests and benchmarks the results. I'm sure you could very easily write a script to parse a log and then make a benchmarking run out of it. -Adi
Re: XML help (offtopic)?
Have you looked at SOAP::Lite and the rest of the SOAP:: hierarchy on CPAN? They may not be of direct help if you've already got a home-grown XML transport protocol, but it might give you some good ideas. And, it may save you lots of time in the long run if you can convert your home-grown XML system to use the SOAP standard. BTW, has anyone played with these SOAP modules much? Specifically, are they well-written / optimized for mod_perl? -Adi Geoffrey Gallaway wrote: > > I know this isnt the right place to ask this question but if someone could > at least fill me in and point me in the right direction I'd be gratefull. > > I'm trying to find a way to do XML over HTTP. I have a project at work > that I'm doing where we have a XML based system. The system would connect > to port 80 and do XML over HTTP. I'm not exactly sure what this entails > but I'm guessing using the HTTP protocall to send XML. So, you get the > HTTP methods (GET, POST, HEAD, etc) and headers (Date, Server, > Content-Type, etc) but with XML data instead of HTML. Now, I understand I > could easily use apache to send XML data (GET) but I'm not to sure how I > should handle receiving XML (POST). I definetly want to do the XML parsing > and such with perl (I've been playing with XML::Parser, very cool). What > am I missing? > > Thanks, sorry for being offtopic and for the bad explanation... > Geoff > > -- > Geoffrey Gallaway || This may seem a bit weird, but that's okay, because it > [EMAIL PROTECTED] || is weird. > D e v o r z h u n ||-- Tom Christiansen
(possible bug) PerlAccessHandler called twice?
I am using mod_proxy_add_forward to get the correct IP address from the proxy
server, as described in the guide. On my back-end mod_perl server, I want to
limit access only to requests coming from the proxy server. I can't use simple
IP-based access control via mod_access because PerlPostReadRequestHandler runs
before PerlAccessHandler, so $r->remote_addr has already been changed to the
client's IP.
So, I wrote my own PerlAccessHandler that reads $r->notes to see if the request
came from the proxy:
sub My::ProxyAccessOnly {
my $r = shift;
my $from_proxy = $r->notes("PROXY_REQUEST");
$r->warn("from_proxy = '$from_proxy'");
return FORBIDDEN unless $from_proxy;
return OK;
}
PerlAccessHandler My::ProxyAccessOnly
I added a line to Ask's My::ProxyRemoteAddr that sets $r->notes:
sub My::ProxyRemoteAddr($) {
my $r = shift;
# we'll only look at the X-Forwarded-For header if the requests
# comes from our proxy at localhost
return OK unless $r->connection->remote_ip eq '127.0.0.1';
if (my ($ip) = $r->header_in('X-Forwarded-For') =~ /([^,\s]+)$/) {
$r->notes("PROXY_REQUEST" => 1); #note that this comes from proxy
$r->connection->remote_ip($ip);
$r->warn("set remote ip to $ip");
}
return OK;
}
PerlPostReadRequestHandler My::ProxyRemoteAddr
In my log I get, for each request:
[Thu Sep 28 17:02:25 2000] [warn] set remote ip to 192.168.178.13
[Thu Sep 28 17:02:25 2000] [warn] from_proxy = '1'
[Thu Sep 28 17:02:25 2000] [warn] from_proxy = '0'
As it turns out, the second call to My::ProxyAccessOnly is an internal redirect,
because if I add the following line, everything works as expected, and I only
get one log line.
return DECLINED if !$r->is_initial_req;
[Thu Sep 28 17:02:25 2000] [warn] set remote ip to 192.168.178.13
[Thu Sep 28 17:02:25 2000] [warn] from_proxy = '1'
Is there a logical reason why PerlAccessHandler should be called twice, the
second time from within Apache? Also, is there a better way I should go about
accomplishing my desired goal of only allowing proxy-through requests to the
mod_perl server?
-Adi
[ANNOUNCE] new module HTTPD::Bench::ApacheBench
Stas Bekman wrote: > > > Before I upload it to CPAN, are there any objections to calling it > > "ApacheBench"? Other names I considered are "Bench", "ab", "ABuse"... but > > ApacheBench I thought was the best because an m/Apache/ search on CPAN will find > > it. > > That's the proper name, since it's a glue code for ab, plus extra > fuctionality. The only thing I'd add is a prefix so we could put other > Benchmarking implementation under the same tree. Especially as you have > mentioned in the pod it's not mod_perl specific. I'd go for > HTTPD::Bench:: or HTTPDBench:: tree. Ok, I've renamed it to HTTPD::Bench::ApacheBench. > > But you have already released it on CPAN, so I don't know... (I couldn't > reply earlier since I was preaching mod_perl at YAPC::Europe, which was > a very cool conference :) It did go into CPAN but the metadata never got in, so it didn't show up on searches. I hope the rename doesn't affect anyone. Hope you had fun at the conference. I'll make it to one (one of these years). :) > > > Stas, hopefully I'll be able to integrate this with your new Apache::Benchmark > > module. I haven't had time to look over yours fully, but I'm thinking your > > module will be a layer around this. Currently Apache::Benchmark uses ab, > > right? This module almost completely replaces ab. There are a few features > > that still need to be added. > > Yup, cool. In fact you are welcome to take over it :) Apache::Benchmark > shouldn't be depenfing on the actual engine used for Benchmarking. One > should be able to plug any engine instead of ab. > Yes, I'll be looking at it extensively in the next few months. So I might just take it over. :) -- The uploaded file ApacheBench-0.51.tar.gz has entered CPAN as file: $CPAN/authors/id/A/AD/ADIRAJ/ApacheBench-0.51.tar.gz size: 46603 bytes md5: d9e5bd55500da2c040fe88c4a08b69ae No action is required on your part Request entered by: ADIRAJ (Adi Fairbank) Request entered on: Tue, 26 Sep 2000 16:18:49 GMT Request completed: Tue, 26 Sep 2000 16:19:31 GMT Virtually Yours, Id: paused,v 1.68 1999/10/22 14:39:12 k Exp k
[ANNOUNCE] new module ApacheBench
It took a little longer than planned, but here it is. It is a Perl API to
the Apache ab tool. It took so long because we added a number of useful
features, mainly the ability to benchmark sequences of URLs instead of just
one.
Before I upload it to CPAN, are there any objections to calling it
"ApacheBench"? Other names I considered are "Bench", "ab", "ABuse"... but
ApacheBench I thought was the best because an m/Apache/ search on CPAN will find
it.
Stas, hopefully I'll be able to integrate this with your new Apache::Benchmark
module. I haven't had time to look over yours fully, but I'm thinking your
module will be a layer around this. Currently Apache::Benchmark uses ab,
right? This module almost completely replaces ab. There are a few features
that still need to be added.
Here are the first few sections of the manual. Download the full package at
http://adiraj.org/sw/ApacheBench/ApacheBench-0.5.tar.gz. Enjoy.
-Adi
---
NAME
ApacheBench - Perl API for Apache benchmarking and
regression testing.
SYNOPSIS
use ApacheBench;
my $b = ApacheBench->new;
# global configuration
$b->config({
concurrency => 5,
priority => "run_priority",
});
# add sequence(s) of URLs to request
$b->add({
repeat=> 10,
cookie=> ["Login_Cookie=b3dcc9bac34b7e60;"],
urls => ["http://localhost/one",
"http://localhost/two"], postdata => [undef, undef],
order => "depth_first",
});
my $regress = $b->execute;
# calculate hits/sec == ($#urls+1)*$n*1000 / total_time
print (2*10*1000/$regress->{"total_time"})." req/sec\n";
# dump the entire regression hash (WARNING, this could be a LOT OF
DATA)
use Data::Dumper;
my $d = Data::Dumper->new([$regress]);
print $d->Dumpxs;
GOALS
This project is meant to be the foundation for a complete
benchmarking and regression testing suite for an advanced,
transaction-based mod_perl site. We need to be able to
stress our server to its limit while also having a way to
verify the HTTP responses for correctness. Since our site
is transaction-based (as opposed to content-based), we
needed to extend the single-URL ab model to a multiple-URL
sequence model.
ApacheBench is based on the Apache 1.3.12 ab code
(src/support/ab.c).
Note: although this tool was designed to be used on an
Apache mod_perl site, it is generally applicable to any
HTTP-compliant server. Beware, however, that it sends a
high volume of HTTP requests in a very short period of
time, which may overwhelm some weaker HTTP server
platforms like NT/IIS.
DESCRIPTION
ApacheBench sends sequences of HTTP requests to an HTTP
server and keeps track of the time taken to receive a
response, the data that was returned, the size of the data
that was returned, and various other bits of information.
Since it is implemented in C, it sends HTTP requests in a
tight loop which can stress your server to 100% capacity,
especially if invoked in multiple concurrent instances.
It gives accurate time measurements down to the
millisecond for each HTTP request-response interval.
Included is a simplified re-implementation of ab using the
ApacheBench Perl API. This should help get you started
with ApacheBench.
METHODS
new()
The constructor. It takes no arguments.
config({ %global_params })
Global configuration method. Should only be invoked
once, else previous configuration parameters will be
clobbered. See the global configuration section for
details on how %global_params should be structured.
add({ %run_params })
Run configuration method. Can be invoked multiple
times. Each invocation will register a new benchmark
run to be executed. See the run configuration section
for details on how %run_params should be structured.
execute()
The execute method takes no arguments. It will send
the HTTP requests and return a hash reference to the
regression data.
Re: A precision about "All RAM Consumed" in the manual
Benoit Caron wrote:
>
> sub UNIVERSAL::AUTOLOAD {
>my $class = shift;
>warn "$class can't \$UNIVERSAL::AUTOLOAD!\n";
> }
>
> to trap the memory leaking that can occur if a sub is undefined. But
> where should I put this sub? In all my mod-perl module? In my startup.pl
> file?
You can either put it in your startup.pl, or in a section in
your httpd.conf file. I do the latter. Putting it in all your mod_perl
modules would be redundant (and might give you compile-time errors).
>
> And, since I'm there, anyone can recommend me a way to hunt the memory
> leak of my modules? I've inherit an already well developped site that
> leak a lot and I'd like to trap those memory leaking... I'm on Solaris,
> if that can help...
Apache::Leak
-Adi
Re: Proxy setup w/ SSL
Nigel Hamilton wrote: > > Hi, > Also, does anyone know a way to speed up SSL somehow? There are hardware SSL accelerators that you can buy (quite expensive) which offload the CPU-intensive encryption algorithms, freeing up your CPU to do other things. Personally, I think a better approach is to use a load-balanced set of proxy/SSL servers, as Stas describes in the guide. Commodity PC hardware running Linux has a much better performance/price ratio than expensive, single-purpose SSL accelerators. -Adi
Re: Where to get benchmarking utilities?
ApacheBench comes with Apache (src/support/ab.c). Stas has a benchmarking perl module available at http://stason.org/work/modules/Apache-Benchmark-0.01.tar.gz which uses ab to run tests. I am working on a perl (XS) interface to ab, with some extra features, which should be ready for first release in a week or two. Sounds like you don't need much more than ab at the moment though. -Adi Rich Lemanski wrote: > > Hello all, > > I just visited Stas Bekman's Benchmarking Applications page at: > http://thingy.kcilink.com/modperlguide/performance/Benchmarking_Applications.html > > I was wondering where I can download those benchmarking utilities > ApacheBench and Crashme test? From what I can recall, ApacheBench comes > with Linux but I not sure. I am hoping these will help me benchmark the > performance differences between mod_perl and Perl/CGI on Apache across > multiple operating systems: Mandrake Linux 7.0, Solaris 7.0, and Win98se. > > Thanks for the help! > > Rich
Re: Hope you didn't miss me too much
Must be nice being your own boss! I think we missed not just your technical expertise but also your moral guidance (don't worry though, there wasn't another eToys thread). Glad to have you back... -Adi "Jeffrey W. Baker" wrote: > > I got a three week vacation from technology as a wedding gift from myself. > I'm back now, and I'll get around to answering many of the Apache::Session > questions I recieved in the coming days. > > Cheers, > Jeffrey
Re: [OT] Apache Bench (ab.c) written as perl XS module?
Stas, Yes, actually I downloaded your Apache::Benchmark a while back, and have looked through it quite a bit. I definitely plan on using it, and agree we should continue further development together. Actually #3 on your Apache::Benchmark TODO was what gave me the idea to do this. Thanks (everyone) for the responses, I'll get back to you all when we have something concrete. -Adi Stas Bekman wrote: > > Adi, I've already implemented a part of the thing you are talking about. > At least the core of it. At this point I've the framework for benchmarking > suites and I invoke ab directly and then I have the module that process > the results and print the nice output. No manual processing anymore. > > Replacing ab binary with Perl API to the library is one of the things I'd > really like to have in this benchmarking suite. > > Grab the package from: > http://stason.org/work/modules/Apache-Benchmark-0.01.tar.gz > > And if you like the way it's implemented it would be really cool to work > on the further development together. >
[OT] Apache Bench (ab.c) written as perl XS module?
[OT: already posted to [EMAIL PROTECTED], just thought people here might have suggestions, comments, etc] I am thinking about writing the XS glue for the apache bench tool (ab). The ab code as it is, is not very flexible, but it is damn fast. If I implemented it as a perl XS module, I could add the flexibility into a nice OO package. Is there any interest in such a module? Could it fit in with LWP somehow? I have not tried out LWPng yet - does it use XS code to speed up requests much faster than LWP? At our company we need to write a benchmarking suite, and LWP fits our needs perfectly except for the fact that its just not fast enough. It would be perfect if we could integrate ab with LWP. So, just wanting to get general feedback from the LWP community on whether such software would be useful to others. -Adi
developer wanted
We are looking for one good developer. We are a very small ASP, facilitating a certain type of payer-provider transaction in the healthcare industry. It is a software developer position, but since we are fairly small, we can offer a significant amount of company equity to the right person. We are very pro open-source, and encourage our developers to work on general solutions that would be valuable not only to us, but to the community as a whole. Needless to say, you won't run into any legal problems trying to release something you developed for us to the free software community. Experience in one or more of the following desired: - Apache, perl, mod_perl - CGI.pm - DBI - XML - FreeBSD and/or Linux kernel - Oracle, Postgres, or MySQL We are located in Raleigh, NC. Please forward inquiries to [EMAIL PROTECTED] -Adi
Re: speed up/load balancing of session-based sites
Leslie Mikesell wrote: > > According to Jeffrey W. Baker: > > > > I keep meaning to write this up as an Apache:: module, but it's pretty trivial > > > to cons up an application-specific version. The only thing this doesn't > > > provide is a way to deal with large data structures. But generally if the > > > application is big enough to need such data structures you have a real > > > database from which you can reconstruct the data on each request, just store > > > the state information in the cookie. > > > > Your post does a significant amount of hand waving regarding people's > > requirements for their websites. I try to keep an open mind when giving > > advice and realize that people all have different needs. That's why I > > prefixed my advice with "On my sites..." > > Can anyone quantify this a bit? On my site, I *need* to use server-side session objects. I am storing data that the user should not be allowed to modify. The session data is used directly by the server to determine what data to send to users in different cases. If it were passed in the cookie, a malicious user could take advantage of this and change the state of their session at will. -Adi
Re: Newbie Question -
Jim Winstead wrote: > > On May 05, Adi wrote: > > You can still use CGI.pm from within mod_perl (and you should). There is > > nothing better at handling data passed from a browser via HTTP POST and/or > > GET. If you currently use CGI.pm, I think you'll find that a lot of your > > current code can simply be cut-and-pasted into a mod_perl setup. > > Well, arguably Apache::Request is better at handling data passed > from a browser via HTTP POST and/or GET in a mod_perl environment. > And it has the advantage that is entirely focused on request > handling, and doesn't have any of the HTML generation cruft like > CGI.pm. Wow, I wasn't aware of Apache::Request.. thanks for letting me know.
Re: Newbie Question -
"Pierre J. Nicolas" wrote: > > Good Morning, > > I just started using mod_perl, I'm still using the CGI.pm module, but I > plan > to convert. You can still use CGI.pm from within mod_perl (and you should). There is nothing better at handling data passed from a browser via HTTP POST and/or GET. If you currently use CGI.pm, I think you'll find that a lot of your current code can simply be cut-and-pasted into a mod_perl setup. -Adi
Re: Cookies and redirection
Did you call $r->send_http_header before you returned REDIRECT ? Cookies reside in the HTTP header, so you need to send it. Bill Desjardins wrote: > > Hi all, > > I checked the archives and the guide to no avail, so here goes. I am > having trouble setting a cookie in the header and then doing a > redirect. The cookies are working fine every where, but if I add a cookie > to $r->headers_out->add(), set a location via $r->headers_out(Location => > 'newrui') and return REDIRECT, I get no cookies being set. is this a bug, > feature, or a feature of the wonderful world of incompatible browsers? > > My setup: > > RH Linux 6.1 > mod_perl 1.23 > apache 1.3.12 > > Thanks, > /Bill > > -- > Bill Desjardins - [EMAIL PROTECTED] - (USA) 305.205.8644 > Unix/Network Administration - Perl/Mod_Perl/DB Development > http://www.CarRacing.com - Powered by mod_perl! > Free WebHosting for Race Tracks, Race Teams and Race Shops
Re: speed up/load balancing of session-based sites
"Jeffrey W. Baker" wrote: > > On Fri, 28 Apr 2000, Adi wrote: > > > Joshua Chamas wrote: > > > How many writes and session ties per second does this system > > > handle, and what kind of db are you using. Currently the NetApp > > > NFS file sharing approach seems to max out around 40 Apache::ASP > > > style session creations per second. This involves writing to a > > > central internal session for session tracking, and the creation of > > > the relevant db files. > > > > > > I ask because I'm looking at going with your approach to handle greater > > > loads, and wondering where you max out at with MySQL/Oracle (?), & what > > > kind of hardware you are running. > > > > > > -- Joshua > > > > I don't have any exact figures, but it is very high. I run MySQL on a > > single processor Linux box with a 500Mhz K6-2 with 128M RAM. Even if it's > > <40/sec on that hardware, it is a scalable solution. All decent DBMSes are > > multi-threaded and scale with number of CPUs. Is the NetApp NFS approach as > > scalable ? I don't know enough about it to compare... > > > > Sorry for not providing exact benchmark numbers.. > > It ought to be a lot higher than 40/sec on that hardware. On low class > hardware a year ago, I was getting number an order of magnitude higher > than that with the database on the local machine. See here: > ~300 req/sec, good to hear! I am sort of in the dark, as we haven't had time to benchmark anything yet. Thanks -Adi
Re: speed up/load balancing of session-based sites
"Jeffrey W. Baker" wrote: > > On Fri, 28 Apr 2000, Adi wrote: > > > "Jeffrey W. Baker" wrote: > > > > > > On Fri, 28 Apr 2000, Dan McCormick wrote: > > > > > > > "Jeffrey W. Baker" wrote: > > > > > > > > > > On my sites I use a central database for storing the session objects, and > > > > > all of the https servers access this central resource. Obviously if it > > > > > goes down, everything is toast, but the same can be said of the database > > > > > that stores all of the customer information, etc. > > > > > > > > > > -jwb > > > > > > > > Are you using Apache::ASP to generate sessions? > > > > > > > > Has anyone tried using Tie::DBI to store Apache::ASP sessions in a db? > > > > That might solve problems with NFS sharing issues, though it might also > > > > bog things down. > > > > > > No, I use Apache::Session - jwb > > > > Dan, > > > > I suggest you switch to Apache::Session. If you've got a site that gets > > heavy traffic (which sounds like is the case if you're thinking about load > > balancing), you definitely want a true DBMS handling your session data, not > > just a Berkeley DB_File. > > I wouldn't buy that one on its own merits. I think that each site should > evaluate their performance situation and see what backing store works for > them. Sleepycat DB (nee Berkeley DB) 3.x, using balanced tree storage, is > a damn fast storage mechanism. If you only have a single web server, dbm > files are often the fastest blob storage mechanism. With that said, > remote DBMS storage scales best with more than a single web server. Much > better than NFS. > Good point, I didn't think of blob data. Storable is relatively slow compared to dbm? How hard do you think it would be to take DBM code and write it into simply a data serializer (like Storable's nfreeze)? That would be the best of both worlds, eh? I was under the impression that Sleepycat is a much better solution for embedding into an application, where all data is kept in memory. I wouldn't think .db files could come close to a caching DBMS like MySQL, unless the .db file is on a caching filesystem. Another plus for using MySQL to store sessions is that version 3.23 (alpha) has entirely in-memory heap tables. This is a perfect fit for session data, since sessions typically last a very short time, and one can assume the database restart to session turnover ratio is very low. -Adi
Re: speed up/load balancing of session-based sites
Joshua Chamas wrote: > > "Jeffrey W. Baker" wrote: > > > > > > > > With sharing state files to an NFS share, the sessions can move > > > from server to server even if one server goes offline, which > > > you won't find with solutions that have clients stay on a server > > > saving session data locally in RAM or disk. > > > > On my sites I use a central database for storing the session objects, and > > all of the https servers access this central resource. Obviously if it > > goes down, everything is toast, but the same can be said of the database > > that stores all of the customer information, etc. > > > > How many writes and session ties per second does this system > handle, and what kind of db are you using. Currently the NetApp > NFS file sharing approach seems to max out around 40 Apache::ASP > style session creations per second. This involves writing to a > central internal session for session tracking, and the creation of > the relevant db files. > > I ask because I'm looking at going with your approach to handle greater > loads, and wondering where you max out at with MySQL/Oracle (?), & what > kind of hardware you are running. > > -- Joshua I don't have any exact figures, but it is very high. I run MySQL on a single processor Linux box with a 500Mhz K6-2 with 128M RAM. Even if it's <40/sec on that hardware, it is a scalable solution. All decent DBMSes are multi-threaded and scale with number of CPUs. Is the NetApp NFS approach as scalable ? I don't know enough about it to compare... Sorry for not providing exact benchmark numbers.. -Adi
Re: speed up/load balancing of session-based sites
"Jeffrey W. Baker" wrote: > > On Fri, 28 Apr 2000, Dan McCormick wrote: > > > "Jeffrey W. Baker" wrote: > > > > > > On my sites I use a central database for storing the session objects, and > > > all of the https servers access this central resource. Obviously if it > > > goes down, everything is toast, but the same can be said of the database > > > that stores all of the customer information, etc. > > > > > > -jwb > > > > Are you using Apache::ASP to generate sessions? > > > > Has anyone tried using Tie::DBI to store Apache::ASP sessions in a db? > > That might solve problems with NFS sharing issues, though it might also > > bog things down. > > No, I use Apache::Session - jwb Dan, I suggest you switch to Apache::Session. If you've got a site that gets heavy traffic (which sounds like is the case if you're thinking about load balancing), you definitely want a true DBMS handling your session data, not just a Berkeley DB_File. I used to use Apache::ASP for session management but switched to Apache::Session for this reason. I think Apache::ASP is a great solution for low-traffic sites, but Apache::Session is a must for high-volume and/or load-balanced sites. Apache::Session incorporates its own Tie::DBI implementation to manage sessions. (is this correct, Jeffrey?) I don't know how successful you'd be taking a hash already tied to a DB_File (via Apache::ASP) and then trying to tie it to a DBMS via Tie::DBI. At best, you'd have two copies of your session data, but most likely it wouldn't work. -Adi
Re: Implementing security in CGI
Murali, Yes I have a site that uses the exact mechanism that you state. As Jeff said though, you should have an "auto-logout" feature. I implemented this as a cron job that runs every 30 minutes and checks each session for the last time it has been accessed. I'm sure there are other ways to auto-logout - I thought doing it outside of mod_perl is a good idea just to take some load off of it. -Adi Jeff Beard wrote: > > This is a question for comp.infosystems.www.authoring.cgi. > > But since I'm here... > > I would check for the cookie every time a request is made. If you use > Apache::Session there will be a separate session data store from the user > data. Which is probably what you really want. Apache::Session will allow > you to associate whatever data you like with the session id within it's own > schema. > > If the browser is closed, the cookie will remain. You can have a logout > feature but there will always be a significant percentage of users that > won't bother. So limit the life of the cookie with the time value and > periodically cull stale sessions on the server. > > --Jeff > > At 05:21 PM 4/19/00, Differentiated Software Solutions Pvt. Ltd. wrote: > >Hi, > > > >My question is much more basic than that. I wanted to validate my design > >ideas on a programmatic security. > >I would like somebody to go through the following and tell me that I'm on > >the right track. > > > >The idea I had was, at the time of login, I generate the session id which I > >write to the cookie. > >I have also tied to this session_id the user's login profile. > >Every other screen checks for the cookie's existence and reads back the > >session_id and gets the user's profile. I hope I'm right till then. > >When the user signs out then we can delete the tied file. > >Now any person who has access to the same browser will still have to login > >to get to the inner pages. > > > >If the browser is killed without sign-out from the system, even then there's > >no problem. > >Next person who gets access to the browser and tries to access any inner > >page will not be able to, because the cookie with the session-id does not > >exist. > > > >Am I right ??? Please help. > > > >Thanks, > > > >Murali > >
Re: [OT] LWP: Regression testing a mod_perl server
Cool, thanks for the quick response, Stas. I don't seem to have LWP::Parallel. Looks like I need to upgrade to the newest version of LWP. But yes, I did notice that ab gives much more accurate results. I was using Time::HiRes to simply measure the time it takes from request to response, and it gave widely varying results. Which was why I wanted to do a loop so I could divide the total time taken by the number of iterations. I'm glad to hear you're already working on it. I'll definitely help out with your regression suite, because I haven't gotten too far on mine (I just started working on it today). Thanks for the LWP list ref.. I'll post the question there. -Adi Stas Bekman wrote: > > First I work on a similar suite as well. I didn't want to announce it yet, > before I get some things working. But since you've mentioned it here, here > we go... Hope to get the first version out of the door in a few days. > > Regarding LWP, I've used a similar to ab script as described at > http://perl.apache.org/guide/performance.html and I've found the results > are very different if you the same test with ab and LWP::Parallel, so I'd > not recommend using it if you want to figure out the *real* numbers. Do > you see a different behavior with your tests? > > So based on these findings I use ab and parse the output to make a > different report than ab does. > > I didn't find the answer for your original answer in the LWP::UserAgent > manpage, but probably the right address is the libwww list: > >The latest version of this library is likely to be >available from CPAN as well as: > > http://www.linpro.no/lwp/ > >The best place to discuss this code is on the ><[EMAIL PROTECTED]> mailing list. > > __ > Stas Bekman | JAm_pH--Just Another mod_perl Hacker > http://stason.org/ | mod_perl Guide http://perl.apache.org/guide > mailto:[EMAIL PROTECTED] | http://perl.orghttp://stason.org/TULARC/ > http://singlesheaven.com| http://perlmonth.com http://sourcegarden.org > --
[OT] LWP: Regression testing a mod_perl server
I am trying to put together a comprehensive regression suite for CGI based
mod_perl web applications using LWP. It involves sequences of CGI calls
with expected results after each consecutive request. But I noticed
something about LWP: it caches requests, almost like it expects *only*
static content. So if you loop over a given sequence of HTTP requests, only
the first one actually gets sent to the server.
eg:
foreach (1..5) {
$ua->request(GET ('http://localhost/uri1'));
$ua->request(GET ('http://localhost/uri2'));
$ua->request(GET ('http://localhost/uri3'));
}
# this code will only send 3 requests to the webserver, NOT 15
Has anyone done similar work making a regression test using LWP ? Is there
an easy way to turn off this caching behavior?
-Adi
Apache::Session and IPC::Semaphore
I get an intermittent error using Apache::Session while trying to tie a session. It occurs sometimes and the only way to fix it I've found is to reboot. The weird thing is that I change nothing and rebooting fixes it. Looks like a semaphore problem. Why would the call: new IPC::Semaphore give a Permission denied error? Has anyone else ran into this problem? Any help greatly appreciated... My system: RedHat 6.1 (also occurs on RedHat 6.2) RH Secure Server 2.0 (Apache 1.3.3) mod_perl 1.21 Apache::Session 1.03 apache error_log [Fri Apr 7 20:13:46 2000] [error] Permission denied at /usr/lib/perl5/site_perl/5.005/Apache/Session/SysVSemaphoreLocker.pm line 63. (in cleanup) Permission denied at /usr/lib/perl5/site_perl/5.005/Apache/Session/SysVSemaphoreLocker.pm line 63. Database handle destroyed without explicit disconnect at /usr/lib/perl5/site_perl/5.005/Apache/AuthCookie.pm line 48.
Re: [RFI] URI escaping modules?
I use URI::Escape. Check CPAN. It allows you to customize which characters to escape if you don't like the default. -Adi Ed Loehr wrote: > > I just noticed that Apache::Util::escape_uri does not escape embedded '&' > characters as I'd expected. What is the preferred module for escaping > '&', '?', etc. when embedded in strings? > > Regards, > Ed Loehr
Re: Apache::ASP
Andrew Mayo wrote:
>
> We are trying to store references in session variables but for some reason
> this does not work. The reference cannot be regained.
>
> For example, in simple Perl I can create an array containing two anonymous
> hashes, then place a reference to this array in
> $d, then dereference $d to recover the array.
>
> @c[0]={'k1','v1','k2','v2'};
> @c[1]={'k3','v3','k4','v4'};
> $d=\@c;
> print $$d[0]{'k1'},"\n";
> @e=@$d;
> print $e[0]{'k1'},"\n";
The Apache::ASP $Session object is tied to a SDBM_File or DB_File via MLDBM
Data::Dumper. Therefore you cannot simply store a reference using "\@c" and
expect it to dereference next time. Use an anonymous array [] or anonymous
hash {}.
Try this:
@c[0]={'k1','v1','k2','v2'};
@c[1]={'k3','v3','k4','v4'};
$Session->{'array'} = [ @c ];
print $Session->{'array'}->[0]->{'k1'},"\n";
@e = @{$Session->{'array'}};
print $e[0]{'k1'},"\n";
DBI handles should be storable also, just be sure to use anonymous hash
syntax, since they are blessed hashes.
- Adi
Re: Redhat httpsd with mod_perl
Stas Bekman wrote: > > Is it a single script/handler you are testing with? > > *all* children at once? You mean you do a single request and it happens? > The only reason I can think of is parent dirtying its memory pages, > however I cannot think about a possible way to do this... > Yes, I reload VMonitor once, the disk drive chugs for a second, and then *all* children drop to under 3M shared. I think the parent process must have been swapped to disk. It only happens on my home computer (i.e no network traffic), and only after a while of inactivity. And the disk always chugs for a sec right before it happens. Sorry for bothering you with this.. I feel sheepish now that it looks like just a disk swap issue. Is it normal for mod_perl apache processes to forget their shared memory when they come out of swap? - Adi
Re: Redhat httpsd with mod_perl
Randy, Thanks so much for the tips. I got Apache::VMonitor - awesome package, Stas - and investigated it further. What I found was that each child loses a small amount of shared memory during normal use, due to copy-on-write. In my case from about 12M to 9M (roughly 25%). But it stabilizes at 9M shared, and then all of a sudden *all* of the child processes + the parent drop to 3M shared. All of them at once. Could this be due to swapping? (my site is currently very low traffic) I did notice that I could not actively cause the shared memory to dip below 9M. I had to wait a few minutes, and reload VMonitor after a period of no activity. I couldn't test exiting the Apache child, since it isn't a gradual dropoff. BTW, how do you terminate an Apache child process from within mod_perl? Thanks, - Adi Randy Harmon wrote: > > On Wed, Oct 20, 1999 at 10:47:02PM -0700, Adi wrote: > > > On Wed, 20 Oct 1999, Remi Fasol wrote: > > Does anyone know why the shared memory would decrease so dramatically? > > Perl code and data both live in the data segment. As it is used, any time > it writes information into a new chunk of memory, the memory is > copied-on-write, becoming not-shared. > > You may or may not benefit from exiting your Apache child when its shared > memory size shrinks too much. I think a package of Stas Bekman's > authorship may help you detect that occasion. It wraps the gtop library in > perl, so you can monitor 'top' info from mod_perl. > > Your own tests will give you an indication of whether this saves memory and > should also indicate whether there is any performance advantage one way or > other. > > It'd be interesting to hear your story of the results. > > Randy
Re: Redhat httpsd with mod_perl
> On Wed, 20 Oct 1999, Remi Fasol wrote: > > > > thanks for your suggestions... > > > > as a test, i set MaxRequestsPerChild to 500, but it > > didn't help. > > > > just out of curosity, could it be that i'm using > > mod_perl as a DSO? i've seen alot of warnings against > > that but that's how the redhat secure server is > > configured. I'm using redhat secure server also, and I too get the decreasing amount of shared memory as requests are served. However, my SIZE and RSS don't increase like yours do. It looks like a memory leak. Does anyone know why the shared memory would decrease so dramatically? Initially virtually all of the 10M size is shared, then it decreases to about 3M. I'm using Apache::ASP->Loader to pre-load all my .asp scripts, and have all the modules I use pre-loaded into the parent server with PerlModule's. - Adi
Re: Apache::ASP - accessing Session data from Application
Yeah, I'd be happy to. I'm not quite done with my app-specific version, but once I get done I'll genericize it and send it along. I'll have to write up some documentation, too. It'll probably be a week or two before I have something worthy of publication. - Adi Joshua Chamas wrote: > > About your session manager, I have been thinking about > starting up some sample applications repository for PerlScript > ASP applications, which could be easily distributed with > Apache::ASP. Would you be interested in publishing some > genericized version of your session manager? It seems > like a cool app. > > -- Joshua > _ > Joshua Chamas Chamas Enterprises Inc. > NODEWORKS >> free web link monitoring Huntington Beach, CA USA > http://www.nodeworks.com1-714-625-4051
Re: Apache::ASP - accessing Session data from Application
Thanks, Joshua. I tested out your development version 0.17 and it worked perfect for me. One thing I noticed was that if GetSession is improperly used, it could cause big security holes. By nature it will be used to access someone else's session, so the application should take care not to send the other SessionID across the net. Even within an SSL connection (as I'm using) it's not wise to even let one other person know the SessionID of another user. I made an internal 1:1 reference map of SessionIDs to unique identifiers which then can be sent over the net safely, to allow controlled access to other sessions. Anyway, just thought I'd mention this, though I'm sure you already realized it. You might want to put a note in your API documentation to take care not to reveal the SessionID when you use GetSession. - Adi Joshua Chamas wrote: > > I have added an $Application->GetSession($session_id) API > extension to Apache::ASP. I'll send you my latest dev version > in a separate email. > > -- Joshua > _ > Joshua Chamas Chamas Enterprises Inc. > NODEWORKS >> free web link monitoring Huntington Beach, CA USA > http://www.nodeworks.com1-714-625-4051
Re: Apache::ASP - accessing Session data from Application
Joshua Chamas wrote:
> > Do you think there are any advantages to adding a "Get_Session" method to
> > $Application that will return a reference to the Session object with a given
> > ID? e.g.
> >
>
> Only if you do. Why would you want to do such a thing ? There
> may be other ways around your problem.
Well, I am writing a session monitor application, which monitors what's
happening in all the user sessions. I want it to not only see what's going
on, but fix things for the user. As in the context of a user(newbie) and
administrator. I want the administrator to be able to physically fix the
things that the user has broken- in other words, have write access to
arbitrary user Sessions.
I suppose I could do it all through an Application->{SessionID} structure,
but then I wouldn't be using the Session object at all. And I do have some
locking going on, which would make this very unwise. There could be serious
bottleneck if everyone is just using Application, since Application->Lock
locks the whole shebang.
>
> > my $sessobj = $Application->Get_Session("87c6039a20a50a01000a054b547add4b");
> > print $sessobj->{'foo'};
> >
> > That way I wouldn't have to go through all my code adding Session data to
> > Application. :) How hard would implementing such a method be?
> >
>
> Not terribly.
>
Could I do it? It seems this is the best solution for my problem. Do you
think there's a better way?
- Adi
Re: Apache::ASP - accessing Session data from Application
Thanks for your help. I guess I was wondering if one could get a reference
to the $Session object directly without needing to add each value to
$Application as it is stored. So to access arbitrary Session data from
Application I need to store it in Application at the same time it's stored
in Session? e.g.
$Session->{'foo'} = "data";
$Application->{'Session'.$Session->{SessionID}} = { 'foo' => "data" };
Do you think there are any advantages to adding a "Get_Session" method to
$Application that will return a reference to the Session object with a given
ID? e.g.
my $sessobj = $Application->Get_Session("87c6039a20a50a01000a054b547add4b");
print $sessobj->{'foo'};
That way I wouldn't have to go through all my code adding Session data to
Application. :) How hard would implementing such a method be?
Yes, I'm using DB_File to store data, so the size won't be a problem. BTW,
are there still problems using Storable with DB_File?
Thanks again,
Adi
Joshua Chamas wrote:
>
> You end up having to add the information that you want
> to $Application yourself, and cleaning that up in
> Session_OnEnd.
Apache::ASP - accessing Session data from Application
Is it possible to access data from an arbitrary $Session object from the
$Application object. For example, say for each Session opened, I store the
username in $Session->{'user'}. Can I get a list of all the users currently
connected to the server? What about arbitrary data currently stored in the
Session object?
In global.asa I have
sub Session_OnStart {
$Session->{'user'} = Apache->request->connection->user;
my %session;
if (ref $Application->{'Session'} eq "HASH") {
%session = %{$Application->{'Session'}};
}
$session{$Session->{'SessionID'}} = $Session;
$Application->{'Session'} = { %session };
}
sub Session_OnEnd {
delete $Application->{'Session'}->{'SessionID'};
}
But this only stores the Session hash as it is when the session starts. So
I only get the user data value. Any data that gets added to Session after
it starts doesn't show up in $Application->{'Session'}->{'SessionID'}
Is there a way to get a reference to a session object given the SessionID?
If not, is there any plans on adding that feature? If not, I'd be happy to
code in that functionality if no one's working on it.
Adi
