AW: Konflikt zwischen ldap_auth geschütztem Verzeichni s und phpMyAdmin Zugang
Danke,
hat mit der Umstellung auf Cookie bestens geklappt!
Marco
-
Marco Lechner
dienstlich:
Institut für Physische Geographie
Uni Freiburg
Werderring 4
79085 Freiburg
Fon 0761 / 203-3548
Mail [EMAIL PROTECTED]
-Ursprüngliche Nachricht-
Von: Max Dittrich [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 23. März 2006 09:40
An: users-de@httpd.apache.org
Betreff: Re: Konflikt zwischen ldap_auth geschütztem Verzeichnis und
phpMyAdmin Zugang
Marco Lechner schrieb:
Hallo Liste,
bin neu hier und habe gleich zu Beginn ein Problem:
Unser Intranet haben wir ganz frisch mit mod_authldap gegen Zugriff von
außen abgesichert (hat nach einigem gebastel mit TLS/SSL
wunderbar funktioniert) - Beim Aufruf von http://intranet kommt gleich der
Anmeldebildschirm und man kann sich gegen
unseren LDAP
authentifizieren (funzt!).
Innerhalb des Intranet liegt im Unterordner phpMyAdmin eben diese
wundervolle Administrationstool, welches zur Administration
unserer MySQL_Datenbanken genutzt wird. Beim Aufruf des verzeichnisses wird
man sogleich nach dem MySQL-Passwort
gefragt (soll ja
auch so sein - im Intranet ist man ja eh drin). Leider landen die
Anmeldedaten von phpMyAdmin irgendwie im gleichen
Cache wie die
für das Intranet (bzw. überschreiben diese) Als Folge läßt einen der Apache
nicht mehr in das Verzeichnis phpMyAdmin,
da er jetzt
die MYSQL-Zugangsdaten für das Directory verwenden will. Sprich in der
logdatei taucht die Meldung unpassender
credentials für den
Zugriff auf das Verzeichnis phpMyAdmin auf.
Kann man dem Apache irgendwie beibringen, dass er mehrere Caches anlegt
oder wie kann man das Problem lösen?
Es geht da nicht um irgendwelche Caches innerhalb des Apache. Du
scheinst in phpMyAdmin die Methode 'http' (sprich HTTP Basic
Authentication) einzusetzen und diese gerät in Konflikt mit der über
mod_auth_ldap geprüften Authorisierung, denn HTTP bietet nur die
Möglichkeit eine zu verwenden.
Die einfachste Möglichkeit wäre es phpMyAdmin auf 'Cookie' umzustellen.
Ansonsten könntest Du probieren für den Bereich unterhalb von phpMyAdmin
AuthLDAPAuthoritative off zu setzen. Dies wird aber vermutlich aus
zwei Gründen nicht funktionieren, da phpMyAdmin rein skript-seitig diese
Authentifizierung erledigt, wovon Apache nichts weiß, und Du
vermutlich gleichlautende User in LDAP und MySQL hast ('root').
Und wenn Du mutig bist, kannst Du die LDAP-Authentifizierung für den
Bereich phpMyAdmin auch deaktivieren
Satisfy Any
order allow,deny
allow from all
und das dem Skript überlassen. Gegebenenfalls hast Du auch einen
übersichtlichen IP-Bereich den Du für das allow from verwenden kannst.
Grüsse,
.max
--
Apache HTTP Server Mailing List users-de
unsubscribe-Anfragen an [EMAIL PROTECTED]
sonstige Anfragen an [EMAIL PROTECTED]
--
--
Apache HTTP Server Mailing List users-de
unsubscribe-Anfragen an [EMAIL PROTECTED]
sonstige Anfragen an [EMAIL PROTECTED]
--
Re: [EMAIL PROTECTED] pwauth won't compile with PAM support
Solved ! After changing the config.h to enable PAM authentication, I should have changed the Makefile too : ##LIB= -lcrypt LIB=-lpam -ldl At least at my Redhat the linker needed these other libraries to get its job done. regards, Koen. [EMAIL PROTECTED] wrote: -To: users@httpd.apache.orgFrom: [EMAIL PROTECTED]Date: 21/03/2006 11:12Subject: [EMAIL PROTECTED] pwauth won't compile with PAM supportDear,I would like to add authentication (against the unix shadow file) to myapache web server. But with the ability to lockout a user after 5 incorrectattempts (in order to lockout script-kiddies / password-trial-programs).For what I 've read about this on the web. This combination should work :- Red Hat Enterprise linux 3 (3.2.3-20)- Kernel 2.4.21-4.EL- apache 2.0.46-25.ent- mod_auth_external-2.2.11- pwauth-2.3.2- pam-0.75-51at least : I 'm trying to get this working.Everything went fine, until the moment I try to compile pwauth with PAMsupportBefore compiling pwauth, I changed the config.h to use PAM : /* #define SHADOW_SUN /* Linux, Solaris, IRIX */ #define PAM /* Linux PAM or OpenPAM*/ /* #define NOLOGIN_FILE "/etc/nologin"/**/ /* #define MIN_NOLOGIN_UID 1 /**/ #define SERVER_UIDS 48/* user "apache" */Compilation of all pwauth-c-files goes fine, but the linker gives thiserror : gcc -o pwauth -g main.o auth_aix.o auth_bsd.o auth_hpux.o \auth_mdw.o auth_openbsd.o auth_pam.o auth_sun.o fail_log.o \lastlog.o nologin.o snooze.o -lcrypt auth_pam.o(.text+0x1f8): In function `check_auth': /root/download/mod_auth/pwauth-2.3.2/auth_pam.c:174: undefined reference to `pam_start' auth_pam.o(.text+0x214):/root/download/mod_auth/pwauth-2.3.2 /auth_pam.c:177: undefined reference to `pam_authenticate' auth_pam.o(.text+0x22d):/root/download/mod_auth/pwauth-2.3.2 /auth_pam.c:180: undefined reference to `pam_acct_mgmt' auth_pam.o(.text+0x241):/root/download/mod_auth/pwauth-2.3.2 /auth_pam.c:182: undefined reference to `pam_end' collect2: ld returned 1 exit status make: *** [pwauth] Error 1Two questions about this :1) What am I doing wrong / What am I missing to make this programcompile without errors ???2) Am I using the right programs to achive my goal (ie: passwordauthentication against simple user-database with the ability to lockoutpassword-trial-programs) ??Thanks in Advance,Koen.-The official User-To-User support forum of the Apache HTTP Server Project.See URL:http://httpd.apache.org/userslist.html for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Tuning tomcat4 and expression matching with apache
Hi List, I have a specific question about apache _expression_ matching. I have a apache tomcat server setup . While tuning tomcat i needed to achieve some tweaking to the apache _expression_ matching , or atleast that i felt . The site have all incoming urls (www.subdomain.domain.com type) are redirected to (https://domain.com/subdomain/index.jsp) . The possible input urls are: www.aaa.domain.com ( mostly ) aaa.domain.com http://aaa.domain.com www.domain.com/aaa/ And the redirecting url are : https://www.domain.com/aaa/index.jsp (mostly ) or https://www.domain.com/aaa/ The above redirection is working and valid for the following apache directive : VirtualHost * ServerName aaa.domain.com RedirectMatch (.*)\ .*$ https://www.domain.com/aaa$1 --x--- Now for load balancing i needed to change certain direct ives related to Mod_JK . The modifications at (httpd.conf) needed as below : original : JkMount /* my_workers Modified to : JkMount /*.jsp my_workers x- The change really worked .., the site started operating with tomcat serving its content alright . The subdomain functioning just stopped. The scenario here : at the ServerRoot ( /ust/local/domain/ ) the "index.jsp" resides . At that "index.jsp" a mapping is confirmed , which gurantees that the http get request ( when someone tyies to connect www.aaa.domain.com ) with "aaa" subdomain is served as index.jsp with the specific dynamic content part defined for "aaa" subdomain . This way multiple subdomains are entertained . So there is no "aaa" directory or "aaa" filename at ServerRoot . The related jsp for "aaa" is placed somewhere else as per "index.jsp" Let me know how exactly to overcome the situation . Because after modifing the httpd.conf en try as above i started getting errors : error.log : Files does not exist 404 /usr/local/domain/aaa access.log :[aa.dd.bb.cc] - - [22/Mar/2006] "GET /aaa HTTP/1.1" 404 346 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; PCQuest)" Let me know where i am mistaking .. Regards..Sanjay SahaSenior System Administratorhttp://www.sanjaysaha.inCel=+919830223862 To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre.
Re: [EMAIL PROTECTED] Retry: HostnameLookups timeout?
I looked in the code and the manuals for the system calls. It seems I have no control over this from apache. I will have to look in the system itself, but I doubt I can change anything there. If I find something I will report back to the list because it is certainly useful for other people. Thanks Markus On Wednesday 22 March 2006 16:58, Boyle Owen wrote: -Original Message- From: Markus Mayer [mailto:[EMAIL PROTECTED] Sent: Mittwoch, 22. März 2006 16:15 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] Retry: HostnameLookups timeout? Generally reverse lookups work well, but for some IP addresses the reverse lookup times out. To get around this problem, I wanted to configure how long apache waits for a response, however I have not been able to find such an option. I suspect that this is not apache's problem... In the OSI model, Apache works on the application layer so any requests for services from other machines are passed down to the TCP/IP layer for routing. It is there that the DNS lookup takes place. From apache's POV, all it does is ask the TCP/IP layer to get the hostname for a particular IP - apache doesn't care about the implementation... I also looked in the source code, but was not able to find where this timeout is set. look in server/core.c; apache uses apr_getnameinfo() which in turn uses the system function getnameinfo() (do man getaddrinfo for details) Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. Either solution is fine for me, however of course a configuration directive to set timeouts for HostnameLookups would be much more preferable. Does any one know what directive there is to set, of if there is even one? And if there's no directive, where in the source code do I look to set this? All help on this will be greatly appreciated. greetings from Austria. Markus - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Retry: HostnameLookups timeout?
The obvious answer to this problem is to turn off HostnameLookups and use something like the logresolve program included in apache to resolve hostnames in your logs. On 3/23/06, Markus Mayer [EMAIL PROTECTED] wrote: I looked in the code and the manuals for the system calls. It seems I have no control over this from apache. I will have to look in the system itself, but I doubt I can change anything there. If I find something I will report back to the list because it is certainly useful for other people. Thanks Markus On Wednesday 22 March 2006 16:58, Boyle Owen wrote: -Original Message- From: Markus Mayer [mailto:[EMAIL PROTECTED] Sent: Mittwoch, 22. März 2006 16:15 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] Retry: HostnameLookups timeout? Generally reverse lookups work well, but for some IP addresses the reverse lookup times out. To get around this problem, I wanted to configure how long apache waits for a response, however I have not been able to find such an option. I suspect that this is not apache's problem... In the OSI model, Apache works on the application layer so any requests for services from other machines are passed down to the TCP/IP layer for routing. It is there that the DNS lookup takes place. From apache's POV, all it does is ask the TCP/IP layer to get the hostname for a particular IP - apache doesn't care about the implementation... I also looked in the source code, but was not able to find where this timeout is set. look in server/core.c; apache uses apr_getnameinfo() which in turn uses the system function getnameinfo() (do man getaddrinfo for details) Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. Either solution is fine for me, however of course a configuration directive to set timeouts for HostnameLookups would be much more preferable. Does any one know what directive there is to set, of if there is even one? And if there's no directive, where in the source code do I look to set this? All help on this will be greatly appreciated. greetings from Austria. Markus - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Apache2 mod_xslt trouble.
Quoting Nick Kew ([EMAIL PROTECTED]): From time to time it seems that the daily cronjob's 'apache2ctl reload' causes Apache to 'forget' to load mod-xslt causing these warnings for each xml/xsl related request: Erm, I don't see a warning ... They were in my first post to the list. But i left them out on my second post. The warnigs are: | [error] an unknown filter was not added: mod-xslt For every request that has the specified text/xml mimetype. The raw xml is then returned to the client... So no-one is using mod_xslt with Apache2 ? Nope. Actually there are several different modules, from different authors, called mod_xslt, so your question is already under-specified. Ok, I didn't really know that. I'm new to integrated xsl/xml transformation modules in Apache2, the one i'm using is aparently built from sources at http://www.mod-xslt2.com/ FWIW, mod_transform is another option for XSLT, and one I'd be in a better position to help with if you had questions. Do you know other real-time xsl/xml transformers that can be used in conjunction with Apache2? I'd be happy to receive names of alternatives. The fact that debian's packaging of Apache is terminally confusing makes it harder again to get help here. :) Regards, Sander. -- | Visitors always give pleasure: if not on arrival, then on the departure. | 1024D/08CEC94D - 34B3 3314 B146 E13C 70C8 9BDB D463 7E41 08CE C94D - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_proxy and mod_cache: subsequent requests not served from cache
Hello -- I'm running into a little trouble with mod_proxy and mod_cache; thought someone here might be able to help. I've set up one of our virtual servers to proxy requests to Eurekster, one of our third parties, and cache them. The proxying happens just fine, and the caching happens just fine (see error log snippets below), but subsequent requests don't get served out of the cache -- Apache is making a request to Eurekster every single time. I checked out our request headers: HTTP/1.1 Host: qa.wankelrotaryengine.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: CP=null* Cache-Control: max-age=0 Straight up: I don't know a whole lot about caching. But that last one, Cache-Control with a max-age of 0 -- I'm guessing that header that's the culprit, and is essentially what's causing a new request every time. 1. Am I right? Or at least on the right track? 2. How to I get Apache to make requests without this header, or with a greater max-age? The docs imply that mod_expire might be the ticket, so I tried playing with that but I couldn't get it to work (it could be me, I know). Can anyone help? Thanks in advance! Logs and conf are below. best, Elizabeth Logs: [Thu Mar 23 11:55:55 2006] [debug] mod_cache.c(129): Adding CACHE_SAVE filter for /eurekster/sidebar [Thu Mar 23 11:55:55 2006] [debug] mod_cache.c(136): Adding CACHE_REMOVE_URL filter for /eurekster/sidebar [Thu Mar 23 11:55:55 2006] [debug] mod_proxy_http.c(54): proxy: HTTP: canonicalising URL //wankelrotaryengine.eurekster.com/sidebar [Thu Mar 23 11:55:55 2006] [debug] proxy_util.c(1373): [client 10.40.0.1] proxy: http: found worker http://wankelrotaryengine.eurekster.com/ for http://wankelrotaryengine.eurekster.com/sidebar?seckey=wankelrotaryengine123456groupkey=blah [Thu Mar 23 11:55:55 2006] [debug] mod_proxy.c(736): Running scheme http handler (attempt 0) [Thu Mar 23 11:55:55 2006] [debug] mod_proxy_http.c(1661): proxy: HTTP: serving URL http://wankelrotaryengine.eurekster.com/sidebar?seckey=wankelrotaryengine123456groupkey=blah [Thu Mar 23 11:55:55 2006] [debug] proxy_util.c(1754): proxy: HTTP: has acquired connection for (wankelrotaryengine.eurekster.com) [Thu Mar 23 11:55:55 2006] [debug] proxy_util.c(1811): proxy: connecting http://wankelrotaryengine.eurekster.com/sidebar?seckey=wankelrotaryengine123456groupkey=blah to wankelrotaryengine.eurekster.com:80 [Thu Mar 23 11:55:55 2006] [debug] proxy_util.c(1911): proxy: connected /sidebar?seckey=wankelrotaryengine123456groupkey=blah to wankelrotaryengine.eurekster.com:80 [Thu Mar 23 11:55:55 2006] [debug] proxy_util.c(2005): proxy: HTTP: fam 2 socket created to connect to wankelrotaryengine.eurekster.com [Thu Mar 23 11:55:55 2006] [debug] proxy_util.c(2101): proxy: HTTP: connection complete to 66.70.119.205:80 (wankelrotaryengine.eurekster.com) [Thu Mar 23 11:55:55 2006] [debug] mod_proxy_http.c(1443): proxy: start body send [Thu Mar 23 11:55:55 2006] [debug] mod_deflate.c(447): [client 10.40.0.1] Zlib: Compressed 336 to 198 : URL /eurekster/sidebar [Thu Mar 23 11:55:55 2006] [debug] mod_headers.c(612): headers: ap_headers_output_filter() [Thu Mar 23 11:55:55 2006] [debug] mod_cache.c(602): cache: Caching url: /eurekster/sidebar?seckey=wankelrotaryengine123456groupkey=blah [Thu Mar 23 11:55:55 2006] [debug] mod_cache.c(608): cache: Removing CACHE_REMOVE_URL filter. [Thu Mar 23 11:55:55 2006] [debug] mod_disk_cache.c(954): disk_cache: Stored headers for URL http://_default_:80/eurekster/sidebar?seckey=wankelrotaryengine123456groupkey=blah [Thu Mar 23 11:55:55 2006] [debug] mod_disk_cache.c(1035): disk_cache: Body for URL http://_default_:80/eurekster/sidebar?seckey=wankelrotaryengine123456groupkey=blah cached. [Thu Mar 23 11:55:55 2006] [debug] mod_proxy_http.c(1530): proxy: end body send [Thu Mar 23 11:55:55 2006] [debug] proxy_util.c(1769): proxy: HTTP: has released connection for (wankelrotaryengine.eurekster.com) Conf: VirtualHost *:80 ServerName qa.wankelrotaryengine.com IfModule mod_proxy.c ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass /eurekster/ http://wankelrotaryengine.eurekster.com/ ProxyPassReverse /eurekster/ http://wankelrotaryengine.eurekster.com/ ExpiresDefault access plus 900 seconds ExpiresActive Off CacheRoot /cache/WRE CacheEnable disk /eurekster/sidebar CacheDefaultExpire 900 CacheMaxExpire 900 CacheIgnoreCacheControl On CacheIgnoreNoLastMod On CacheStoreNoStore On CacheStorePrivate On /IfModule Options None /VirtualHost - The official User-To-User support forum of the Apache HTTP Server Project. See
Re: [EMAIL PROTECTED] Apache2 mod_xslt trouble.
On Thursday 23 March 2006 15:49, Sander Smeenk wrote: Quoting Nick Kew ([EMAIL PROTECTED]): From time to time it seems that the daily cronjob's 'apache2ctl reload' causes Apache to 'forget' to load mod-xslt causing these warnings for each xml/xsl related request: Erm, I don't see a warning ... They were in my first post to the list. But i left them out on my second post. The warnigs are: | [error] an unknown filter was not added: mod-xslt Oh, right. Either you've got the wrong filter name (check the source and/or docs for your XSLT module), or the module isn't loaded (see LoadModule in the Apache docs). Nope. Actually there are several different modules, from different authors, called mod_xslt, so your question is already under-specified. Ok, I didn't really know that. I'm new to integrated xsl/xml transformation modules in Apache2, the one i'm using is aparently built from sources at http://www.mod-xslt2.com/ Is that the one originally by Philipp Dunkel and based on libxml2/libxslt? If so, I think it's a perfectly sensible choice - unless something bad happened since I looked. If not, then I don't know. FWIW, mod_transform is another option for XSLT, and one I'd be in a better position to help with if you had questions. Do you know other real-time xsl/xml transformers that can be used in conjunction with Apache2? I'd be happy to receive names of alternatives. Erm, yes, I just told you one. mod_transform happens to be the one I'm co-author of. -- Nick Kew - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Retry: HostnameLookups timeout?
It was thus said that the Great Markus Mayer once stated:
I looked in the code and the manuals for the system calls. It seems I have no
control over this from apache. I will have to look in the system itself, but
I doubt I can change anything there. If I find something I will report back
to the list because it is certainly useful for other people.
And there exists the possiblity of setting the timeout to infinity and
*still* have the reverse lookup fail, since there are plenty of ISPs that
don't bother with setting up PTR records for all their IP addresses.
Now, with that said, you could certainly modify Apache to do multiple
attempts, wrapping the call to getnameinfo() in something like:
/*--
; demo code only---for demonstration
; purposes only! You have been
; warned!
;---*/
{
int tries = 3;
int rc;
while(tries--)
{
rc = getnameinfo();
if (rc == 0) break;
}
}
But it's probably best not to do any DNS lookups at all.
-spc (Or, you could modify the resolving libraries ... )
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Location block not being honoured?
I'm using 2.0.52 on centos4. This box will primarily be used to offload ssl processing from our weblogic application servers. To do this, we are using mod_wl128_20.so. Since we are testing this configuration, it had a couple sites existing on the box already. When we configured a virtualhost for proxing between weblogic and the client. The proxiing works fine, but our configuration somehow broke things because all http requests are being proxied to the application server. NameVirtualHost 172.16.101.119:80 VirtualHost 172.16.101.119:80 ServerAdmin [EMAIL PROTECTED] DocumentRoot /var/www/spacebooth_com/wwwroot ServerName www.spacebooth.com CustomLog |/usr/local/sbin/cronolog /var/www/spacebooth_com/logs/%Y-%m-%d-spacebooth_com.log combined /VirtualHost VirtualHost 172.16.101.119:80 ServerAdmin [EMAIL PROTECTED] DocumentRoot /var/www/recoverymetals_com/wwwroot ServerName www.recoverymetals.com CustomLog |/usr/local/sbin/cronolog /var/www/recoverymetals_com/logs/%Y-%m-%d-recoverymetals_com.log combined /VirtualHost VirtualHost 172.16.101.119:80 ServerAdmin [EMAIL PROTECTED] DocumentRoot /var/www/www_tripwire-dhs_net/wwwroot ServerName www.tripwire-dhs.net CustomLog |/usr/local/sbin/cronolog /var/www/www_tripwire-dhs_net/logs/%Y-%m-%d-www_tripwire-dhs_net.log combined ProxyRequests Off Location / SetHandler weblogic-handler Debug On WebLogicHost 172.16.103.200 WebLogicPort 7004 /Location /VirtualHost Is there anything wrong with this configuration? __ Errol Uriel Neal Jr. Sr. Network Administrator DFI International, Inc. 1717 Pennsylvania Ave NW, Suite 1300 Washington, DC 20006 Tel (202)452-6955 Fax (202)452-6910 [EMAIL PROTECTED] www.dfi-intl.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] wchar_t error cousing core dump in SunOs 9
Hello all im newbee to this forum so hello all! i have compiled apache 1.3.27 on SunOS sparc 9 i develop simple plug to do some stuff. my question is how can i prevent apache to use wchar_t but rather the usual char type because after i load the apache server after short period of time it crashed and when i load the core file in the dbx im getting this : [1] 0xfe71c498(0x124f80, 0xfe8bb488, 0xfe8ce951, 0x4b0, 0x0, 0x0), at 0xfe71c497 [2] OX509EncodeCertificate(0x132cf0, 0xfe8f6cb4, 0xfe581f38, 0x0, 0x20, 0xfe581f38), at 0xfe582a40 [3] 0xfe7289b0(0xea4d8, 0x0, 0xfe728894, 0xfe728894, 0xfe728894, 0xea4d8), at 0xfe7289af =[4] std::basic_stringwchar_t,std::char_traitswchar_t,std::allocatorwchar_t ::substr(0xea4d8, 0x0, 0x0, 0 so my question is how can i prevent apache from using wchar_t ?? Thanks allot - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Single sign on problems across Apache2 and Tomcat
Hi I'm using Apache2 on Win2003 serving amongst other items PHP and Tomcat applications. All is working fine with connectors doing all the hard work except when I log into Tomcat application, then move to another application I have to log in again. Before I used Apache the users single sign on would let me move freely between different Tomcat applications once logged in instead of being challenged again. Am I missing something within Apache or do I need to load some more modules / configs Thanks Neil Thompson - Scanning of this message and addition of this footer has been performed by Shepway District Council with email filtering and virus detection software. - - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Newbe Install
I'm new to this so please be patient. I have a standalone Win XP SP2 system with dial up to the Internet which I want to run the Apache web server on to test code before uploading to the web. In the install directions, it says that it will ask for a Network Domain, Server Name in the format server.mydomain.net. How would I have this for this computer??? Wouldn't I have to have a registered DNS server and a full time connection to an ISP?? TIA SR -- IMPORTANT NOTICE: This message is intended only for the addressee and may contain confidential, privileged information. If you are not the intended recipient, you may not use, copy or disclose any information contained in the message. If you have received this message in error, please notify the sender by reply e-mail and delete the message.
Re: [EMAIL PROTECTED] Newbe Install
I would assume you can get your i.p. from the start menu and going to run type in ipconfig /all and read what it says. I've never trie that on a dial up connection. I'm not sure what those dchp servers do, if they assign you a name or not. You shouldn't need a DNS name though to run a server, but a dedicated full time connection would probably be of great benefit. I believe DCHP can switch your I.P while connected. -ds - Original Message - From: serross To: Apache User Group Sent: Thursday, March 23, 2006 3:46 PM Subject: [EMAIL PROTECTED] Newbe Install I'm new to this so please be patient. I have a standalone Win XP SP2 system with dial up to the Internet which I want to run the Apache web server on to test code before uploading to the web. In the install directions, it says that it will ask for a Network Domain, Server Name in the format server.mydomain.net.How would I have this for this computer??? Wouldn't I have to have a registered DNS server and a full time connection to an ISP??TIASR-- IMPORTANT NOTICE: This message is intended only for the addressee and may contain confidential, privileged information. If you are not the intended recipient, you may not use, copy or disclose any information contained in the message. If you have received this message in error, please notify the sender by reply e-mail and delete the message.
Re: [EMAIL PROTECTED] Newbe Install
On Thursday March 23 2006 5:46 pm, serross wrote: I'm new to this so please be patient. I have a standalone Win XP SP2 system with dial up to the Internet which I want to run the Apache web server on to test code before uploading to the web. In the install directions, it says that it will ask for a Network Domain, Server Name in the format |server.mydomain.net. How would I have this for this computer??? Wouldn't I have to have a registered DNS server and a full time connection to an ISP?? TIA SR -- Well, I haven't run apache on Windows, but the basic concepts should be the same as in a *nix install: 1) You do have to name your Web server machine. In XP, it's as simple as going to System Properties via My Computer, or Control Panel | System and adding the computer name and domain. 2) You do need to register the domain name with a registrar. The easiest for you might be to have your ISP create the DNS records for your Web server. HTH. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Content-Length: 0 problem in GET request
Hi all, I've got a problem with a Content-Length: 0 header in GET requests. I discovered it because some requests from newish mobile phone browsers weren't working. Anyway, I captured the headers these phones were sending in the GET request, and narrowed it down to them having a Content-Length: 0 header line. If the request has that Content-Length: 0 header line (these mobiles send it), Apache sends the wrong page---it always sends the home page of the site. If the request doesn't have the Content-Length line (most other browsers), Apache works fine---i.e., sends the correct page. So this works (try it with telnet harvest.com 80): GET /he HTTP/1.0 but this doesn't (i.e., returns the site's main page instead of /he): GET /he HTTP/1.0 Content-Length: 0 (And it's not a HTTP 1.0 vs 1.1 issue---if I add a Host: harvest.com line and change the GET to GET /he HTTP/1.1 it still has the same Content-Length: 0 problem.) It seems like an Apache or Apache config issue, because I don't think there's a problem including that Content-Length: 0 header in the GET request ... though I could be missing something obvious. Any pointers or info would be much appreciated. I'm using Apache 2.0.47 under Win32 (WinXP SP2). Thanks heaps, Ben. -- Ben Hoyt | [EMAIL PROTECTED] Harvest Electronics | PO Box 446 | 10 Pragnell St | Masterton | New Zealand http://www.harvest.com | Tel +64 6 370 1991 | Fax +64 6 370 1993 - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Content-Length: 0 problem in GET request
So this works (try it with telnet harvest.com 80): GET /he HTTP/1.0 but this doesn't (i.e., returns the site's main page instead of /he): GET /he HTTP/1.0 Content-Length: 0 Oh, just a follow-up note. The /he page is actually a mod_rewrite shortcut to a CGI script, but if I manually expand the above /he to the full link (/w.cgi?cmd=wmlhsn=3001), it still fails in just the same way. -- Ben Hoyt | [EMAIL PROTECTED] Harvest Electronics | PO Box 446 | 10 Pragnell St | Masterton | New Zealand http://www.harvest.com | Tel +64 6 370 1991 | Fax +64 6 370 1993 - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Newbe Install
On Thu, 23 Mar 2006, Dimitri Yioulos wrote: On Thursday March 23 2006 5:46 pm, serross wrote: I'm new to this so please be patient. I have a standalone Win XP SP2 system with dial up to the Internet which I want to run the Apache web server on to test code before uploading to the web. In the install directions, it says that it will ask for a Network Domain, Server Name in the format |server.mydomain.net. How would I have this for this computer??? Wouldn't I have to have a registered DNS server and a full time connection to an ISP?? TIA SR -- Well, I haven't run apache on Windows, but the basic concepts should be the same as in a *nix install: 1) You do have to name your Web server machine. In XP, it's as simple as going to System Properties via My Computer, or Control Panel | System and adding the computer name and domain. 2) You do need to register the domain name with a registrar. The easiest for you might be to have your ISP create the DNS records for your Web server. HTH. If all you're doing is testing code, you don't really need any of that, and no, you don't need a full time connection. Ignore the machine name in System Properties. When you do the install, specify localhost as the server name, nothing more. I'm not completely familiar with the Apache install on Windows, so I can't be certain that it will allow just that. If it doesn't you'll have to do a bit more work. Edit drive:\Windows\system 32\drivers\etc\hosts, and look for the line that reads '127.0.0.1 localhost'. Change it to read '127.0.0.1 localhost localhost.localdomain.xxx', replacing 'xxx' with your favorite suffix (it doesn't matter which). And yes, I left localhost in there twice deliberately. Save it, and just because it's Windows, reboot to be on the safe side. Then specify 'localhost.localdomain.xxx' for the Server Name and Network Domain. This will give you an Apache installation that will respond to all browser requests on that machine directed to http://localhost; or http://localhost.localdomain.xxx,; depending on which you wound up with. And, it has the added benefit of being unreachable from anywhere _but_ that local machine, so you have no security worries. -- Craig Dunigan IS Technical Services Specialist Middleware - EIS - DoIT University of Wisconsin, Madison opinions expressed are my own, not the University's - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Content-Length: 0 problem in GET request
Ugh! Just had the duh! moment. It was my CGI script's fault all along. To get the POST/GET parameters, I was only parsing the QUERY_STRING environment variable if CONTENT_LENGTH was non-null, whereas I should have been parsing it if CONTENT_LENGTH was non-null *and* non-zero. I didn't immediately connect that to the Content-Length: 0 header (though it obviously is the same thing), because I knew my CGI script wasn't parsing the headers, Apache was. But of course Apache just converts that header to the CONTENT_LENGTH environment variable . . . Thanks for reading anyway, Ben Ben Hoyt wrote: Hi all, I've got a problem with a Content-Length: 0 header in GET requests. I discovered it because some requests from newish mobile phone browsers weren't working. Anyway, I captured the headers these phones were sending in the GET request, and narrowed it down to them having a Content-Length: 0 header line. If the request has that Content-Length: 0 header line (these mobiles send it), Apache sends the wrong page---it always sends the home page of the site. If the request doesn't have the Content-Length line (most other browsers), Apache works fine---i.e., sends the correct page. So this works (try it with telnet harvest.com 80): GET /he HTTP/1.0 but this doesn't (i.e., returns the site's main page instead of /he): GET /he HTTP/1.0 Content-Length: 0 (And it's not a HTTP 1.0 vs 1.1 issue---if I add a Host: harvest.com line and change the GET to GET /he HTTP/1.1 it still has the same Content-Length: 0 problem.) It seems like an Apache or Apache config issue, because I don't think there's a problem including that Content-Length: 0 header in the GET request ... though I could be missing something obvious. Any pointers or info would be much appreciated. I'm using Apache 2.0.47 under Win32 (WinXP SP2). Thanks heaps, Ben. -- Ben Hoyt | [EMAIL PROTECTED] Harvest Electronics | PO Box 446 | 10 Pragnell St | Masterton | New Zealand http://www.harvest.com | Tel +64 6 370 1991 | Fax +64 6 370 1993 - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] what is the minimod modules list for apache to load on SunOs
Hello all im still trying to solve the wchar_t problem i have , im trying to eliminate the causes now i notice im loading list of *.so files that i dont know if i even need all of them . i know by typing httpd -l that apache did linked statically mod_so and http_core.c . now the problem is when i comment out all the LoadModule derectives and the corresponding AddModule directive except my *.so file the apache cant load and crashed . so my question is what are the must *.so apache needs? thanks allot for the help (sorry for my bad english) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] $HTTPD -k $ARGV
Hi All I have added the below lines at the bottom of httpd.conf LoadModule vl_module modules/VlApache20_32.so VlConfigFile /usr/local/vl/vl.conf I have a issue is that when i start with the below command /usr/local/apache/bin/apachectl start I get the below error /usr/local/apache/bin/apachectl: line 99: 14560 Illegal instruction $HTTPD -k $ARGV My Apache Version is /usr/local/apache/bin/httpd -v Server version: Apache/2.0.49 Server built: Nov 10 2005 09:13:59 My OS is RHL 9.0 Please let me know as what I am doing wrong Thanks in Advance Regards Kaushal - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] $HTTPD -k $ARGV
Could sound like there is a problem with the added module. Does Apache start when you remove those two lines you added ? -ascs -Original Message- From: Kaushal Shriyan [mailto:[EMAIL PROTECTED] Sent: Friday, March 24, 2006 8:16 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] $HTTPD -k $ARGV Hi All I have added the below lines at the bottom of httpd.conf LoadModule vl_module modules/VlApache20_32.so VlConfigFile /usr/local/vl/vl.conf I have a issue is that when i start with the below command /usr/local/apache/bin/apachectl start I get the below error /usr/local/apache/bin/apachectl: line 99: 14560 Illegal instruction $HTTPD -k $ARGV My Apache Version is /usr/local/apache/bin/httpd -v Server version: Apache/2.0.49 Server built: Nov 10 2005 09:13:59 My OS is RHL 9.0 Please let me know as what I am doing wrong Thanks in Advance Regards Kaushal - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] what is the minimod modules list for apache to load on SunOs
For any module you remove, you must also remove the associated configuration directives. The configuration is parsed by each module, so if you remove for example mod_ssl, you must remove all directives defined in mod_ssl such as SSLEngine, from your configuration file(s). If you remove mod_mime, you must remove AddCharset, AddEncoding etc. from your configuration. Any offending configuration directive will be logged to the error log. -ascs -Original Message- From: Meir Yanovich [mailto:[EMAIL PROTECTED] Sent: Friday, March 24, 2006 8:07 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] what is the minimod modules list for apache to load on SunOs Hello all im still trying to solve the wchar_t problem i have , im trying to eliminate the causes now i notice im loading list of *.so files that i dont know if i even need all of them . i know by typing httpd -l that apache did linked statically mod_so and http_core.c . now the problem is when i comment out all the LoadModule derectives and the corresponding AddModule directive except my *.so file the apache cant load and crashed . so my question is what are the must *.so apache needs? thanks allot for the help (sorry for my bad english) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] $HTTPD -k $ARGV
On 3/24/06, Axel-Stéphane SMORGRAV [EMAIL PROTECTED] wrote: Could sound like there is a problem with the added module. Does Apache start when you remove those two lines you added ? -ascs -Original Message- From: Kaushal Shriyan [mailto:[EMAIL PROTECTED] Sent: Friday, March 24, 2006 8:16 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] $HTTPD -k $ARGV Hi All I have added the below lines at the bottom of httpd.conf LoadModule vl_module modules/VlApache20_32.so VlConfigFile /usr/local/vl/vl.conf I have a issue is that when i start with the below command /usr/local/apache/bin/apachectl start I get the below error /usr/local/apache/bin/apachectl: line 99: 14560 Illegal instruction $HTTPD -k $ARGV My Apache Version is /usr/local/apache/bin/httpd -v Server version: Apache/2.0.49 Server built: Nov 10 2005 09:13:59 My OS is RHL 9.0 Please let me know as what I am doing wrong Thanks in Advance Regards Kaushal - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Hi Axel Thanks for the reply When I comment both this Line It works Fine , But I wanted to make this work Suggest me as where should I put both of this Line in httpd.conf Thanks Regards Kaushal - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
