You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jayson Strudwick <js...@whatevercomputes.com> on 2001/11/29 19:53:54 UTC
SetEnvIf Woes
I have checked the documentation numerous times,
I have looked at examples provided online, and for
some reason I still can not get the SetEnvIf directive
to work as I expected it to.
I have a directory password protected via an .htaccess
file using the mod_auth directives, that all works fine.
What I am playing around with is logging authenticated
requests to the server to one logfile, and all the rest
to a second logfile. I am attempting to use the following
within the VirtualHost definition.
....
SetEnvIfNoCase REMOTE_USER "<username>" login
CustomLog logfile_auth combined env=login
CustomLog logfile combined env=!login
....
*note <username> is a valid user, I am just working with 1 login for
now, I will worry about writing the regexp to deal with any login later*
I have confirmed that the username I provide is the one being seen by the
server, both from the logfiles themselves, and by echoing the value to
the protected page via PHP.
I have tried to provide the username both with and without quotes, I have
seen examples with both. I have tried ^username$, I have tried using both
the case sensitive and non sensitive versions of the directive. I have tried
a different varname incase login had special meaning within the code.
I can successfully log to different files dependant upon remote host, so I
am guessing that the problem may lie in the fact that the username is not
being sent as expected by Apache?
Any help would be greatly appreciated,
Jayson Strudwick
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Jayson Strudwick <js...@whatevercomputes.com>.
> Jayson Strudwick wrote:
> >
> > > > > SetEnvIfNoCase REMOTE_USER "<username>" login
> > > > > CustomLog logfile_auth combined env=login
> > > > > CustomLog logfile combined env=!login>
>
> > Here is a snippet from the logfile when someone has been authorized
> > xx.xx.xx.xx - username [29/Nov/2001:11:14:27 -0600] "GET /test
HTTP/1.1"
> > 301 382
> >
> > And one when they havn't been
> > xx.xx.xx.xx - - [29/Nov/2001:11:14:13 -0600] "GET /images/blank.gif
> > HTTP/1.1" 304 -
> >
> > > Which file gets all accesses - "logfile" or "logfile_auth"?
> >
> > logfile
>
> So "login" never gets set... Try making the match certain, e.g.
>
> SetEnvIfNoCase REMOTE_USER .* login
>
> Just to see if this directive ever works!
>
I have done this before, then everything gets logged to the other
file, can't remember if it was this list that I posted to or not, but
I can get the SetEnvIf directive to work just fine using a different
test, IE: REMOTE_HOST
The problem for me just seems to lie with REMOTE_USER.
Jayson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Owen Boyle <ob...@bourse.ch>.
Jayson Strudwick wrote:
>
> > > > SetEnvIfNoCase REMOTE_USER "<username>" login
> > > > CustomLog logfile_auth combined env=login
> > > > CustomLog logfile combined env=!login>
> Here is a snippet from the logfile when someone has been authorized
> xx.xx.xx.xx - username [29/Nov/2001:11:14:27 -0600] "GET /test HTTP/1.1"
> 301 382
>
> And one when they havn't been
> xx.xx.xx.xx - - [29/Nov/2001:11:14:13 -0600] "GET /images/blank.gif
> HTTP/1.1" 304 -
>
> > Which file gets all accesses - "logfile" or "logfile_auth"?
>
> logfile
So "login" never gets set... Try making the match certain, e.g.
SetEnvIfNoCase REMOTE_USER .* login
Just to see if this directive ever works!
Rgds,
Owen Boyle.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Jayson Strudwick <js...@whatevercomputes.com>.
>
> On Fri, 30 Nov 2001, Jayson Strudwick wrote:
>
> > > > Jayson Strudwick wrote:
> > > >
> > > > > SetEnvIfNoCase REMOTE_USER "<username>" login
> > > > > CustomLog logfile_auth combined env=login
> > > > > CustomLog logfile combined env=!login>
>
> I just tried this myself, and I can confirm that SetEnvIf... does not seem
> to be working with Remote_User. I can't see an obvious reason for this.
> You should probably submit a bug report about it.
>
> Here is a workaround: (assuming you have mod_rewrite in your server)
>
> RewriteEngine On
> RewriteCond %{LA-U:REMOTE_USER} username [NC]
> RewriteRule .* - [E:AUTHENTICATED]
>
> CustomLog logfile_auth combined env=AUTHENTICATED
> CustomLog logfile combined env=!AUTHENTICATED
>
> Of course, as always, I should point out that the most efficient and
> flexible way to handle this sort of thing is simply to log everything to a
> single file and post-process the logs into whatever you want.
>
> Joshua.
Well atleast I know I'm not crazy :) Thank you for providing a work around.
I probably will end up just post processing, but I was trying to learn how
to
do it the other way, if for some reason down the road I ever needed it, then
I
ran into this problem and subscribed. So primarily just a learning
experience
for myself using SetEnvIf.
The reason I am doing this, we have a user who has the mod_auth protected
area, and individual logins for all their users. They do not want tracking
to be
done with cookies, but would like to know the timedate stamp and what files
each user is viewing. They of course don't want to look at the raw logs, so
I
am going to have to write something to parse the logfile, then output the
results
in HTML. Unless someone knows of a script which already exists to do this.
Jayson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Joshua Slive <jo...@slive.ca>.
On Fri, 30 Nov 2001, Jayson Strudwick wrote:
> > > Jayson Strudwick wrote:
> > >
> > > > SetEnvIfNoCase REMOTE_USER "<username>" login
> > > > CustomLog logfile_auth combined env=login
> > > > CustomLog logfile combined env=!login>
I just tried this myself, and I can confirm that SetEnvIf... does not seem
to be working with Remote_User. I can't see an obvious reason for this.
You should probably submit a bug report about it.
Here is a workaround: (assuming you have mod_rewrite in your server)
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} username [NC]
RewriteRule .* - [E:AUTHENTICATED]
CustomLog logfile_auth combined env=AUTHENTICATED
CustomLog logfile combined env=!AUTHENTICATED
Of course, as always, I should point out that the most efficient and
flexible way to handle this sort of thing is simply to log everything to a
single file and post-process the logs into whatever you want.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Jayson Strudwick <js...@whatevercomputes.com>.
> > Jayson Strudwick wrote:
> >
> > > SetEnvIfNoCase REMOTE_USER "<username>" login
> > > CustomLog logfile_auth combined env=login
> > > CustomLog logfile combined env=!login>
> >
> > I am using these directives inside a VirtualHost definition, which is
> > in turn inside the server config file. The current problem is that all
> > information is logging to one file, not being seperated into two.
>
> It must be that the SetEnvIfNoCase rule is not getting tripped... So;
>
> - i guess you really just put the user's name in "<username>", i.e. if I
> were logging in the line would read:
>
> SetEnvIfNoCase REMOTE_USER owen login
>
> (being really picky here - just checking the <>s are puctuation and not
> really there).
Yes, they are just punctuation for email purposes.
> - Are you sure REMOTE_USER is getting to the rule? Could you try adding
> %{REMOTE_USER} to the CustomLog to check.
As I mentioned in my original email I can see the username in the
logfiles, this
is covered by the %u in the combined logfile definition. I also tested
by using
PHP, the user name is displayed and correct.
<?php echo "Username = $REMOTE_USER";?>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
Here is a snippet from the logfile when someone has been authorized
xx.xx.xx.xx - username [29/Nov/2001:11:14:27 -0600] "GET /test HTTP/1.1"
301 382
And one when they havn't been
xx.xx.xx.xx - - [29/Nov/2001:11:14:13 -0600] "GET /images/blank.gif
HTTP/1.1" 304 -
> Which file gets all accesses - "logfile" or "logfile_auth"?
logfile
Jayson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Owen Boyle <ob...@bourse.ch>.
Jayson Strudwick wrote:
>
> > SetEnvIfNoCase REMOTE_USER "<username>" login
> > CustomLog logfile_auth combined env=login
> > CustomLog logfile combined env=!login>
>
> I am using these directives inside a VirtualHost definition, which is
> in turn inside the server config file. The current problem is that all
> information is logging to one file, not being seperated into two.
It must be that the SetEnvIfNoCase rule is not getting tripped... So;
- i guess you really just put the user's name in "<username>", i.e. if I
were logging in the line would read:
SetEnvIfNoCase REMOTE_USER owen login
(being really picky here - just checking the <>s are puctuation and not
really there).
- Are you sure REMOTE_USER is getting to the rule? Could you try adding
%{REMOTE_USER} to the CustomLog to check.
Which file gets all accesses - "logfile" or "logfile_auth"?
Rgds,
Owen Boyle.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Jayson Strudwick <js...@whatevercomputes.com>.
> Jayson Strudwick wrote:
> >
> > I have checked the documentation numerous times,
> > I have looked at examples provided online, and for
> > some reason I still can not get the SetEnvIf directive
> > to work as I expected it to.
> >
> > I have a directory password protected via an .htaccess
> > file using the mod_auth directives, that all works fine.
> >
> > What I am playing around with is logging authenticated
> > requests to the server to one logfile, and all the rest
> > to a second logfile. I am attempting to use the following
> > within the VirtualHost definition.
> > ....
> > SetEnvIfNoCase REMOTE_USER "<username>" login
> > CustomLog logfile_auth combined env=login
> > CustomLog logfile combined env=!login
> > ....
>
> I've not used this directive before, but there seems to be a case-error:
> "REMOTE_USER" should be "Remote_User".
>
> Also, you're not using these directives in a .htaccess file are you? If
> so, they can't go there (well, SetEnvIfNoCase can but CustomLog can't).
> try the whole shebang in httpd.conf.
>
> Rgds,
>
> Owen Boyle.
I had tried it both upper and lower case, then I looked at the source
for SetEnvIf and found out that it doesn't matter, it uses a case
insensitive comparison.
Line 271 of setenvif.c:
else if (!strcasecmp(fname, "remote_user")) {
new->special_type = SPECIAL_REMOTE_USER;
I am using these directives inside a VirtualHost definition, which is
in turn inside the server config file. The current problem is that all
information is logging to one file, not being seperated into two.
Jayson Strudwick
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SetEnvIf Woes
Posted by Owen Boyle <ob...@bourse.ch>.
Jayson Strudwick wrote:
>
> I have checked the documentation numerous times,
> I have looked at examples provided online, and for
> some reason I still can not get the SetEnvIf directive
> to work as I expected it to.
>
> I have a directory password protected via an .htaccess
> file using the mod_auth directives, that all works fine.
>
> What I am playing around with is logging authenticated
> requests to the server to one logfile, and all the rest
> to a second logfile. I am attempting to use the following
> within the VirtualHost definition.
> ....
> SetEnvIfNoCase REMOTE_USER "<username>" login
> CustomLog logfile_auth combined env=login
> CustomLog logfile combined env=!login
> ....
I've not used this directive before, but there seems to be a case-error:
"REMOTE_USER" should be "Remote_User".
Also, you're not using these directives in a .htaccess file are you? If
so, they can't go there (well, SetEnvIfNoCase can but CustomLog can't).
try the whole shebang in httpd.conf.
Rgds,
Owen Boyle.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org