You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by titetluc titetluc <ti...@gmail.com> on 2008/07/01 18:34:14 UTC
[MP2]lookup_uri and HTTPS
Hello all,
I am writing an handler generating sub-requests by using the lookup_uri and
run (Apache2::SubRequest) methods.
My question is : is it technically possible to generate HTTPS sub-request (I
observed that sub-requests were using HTTP) using the mod_perl API ?
If yes, which API do I have to use (I can not find any examples, or I tried
the APR::URI class but unsuccessfully) ?
If not, which solution is possible (using LWP ?)
Thanks
Re: [MP2]lookup_uri and HTTPS
Posted by André Warnier <aw...@ice-sa.com>.
titetluc titetluc wrote:
> My question is : is it technically possible to generate HTTPS sub-request (I
> observed that sub-requests were using HTTP) using the mod_perl API ?
Forgive my impertinence, but on the face of it, that question does not
seem to make a lot of sense.
HTTP or HTTPS are protocols that carry requests and responses over "the
outside world" (e.g. the Internet or Intranet). A sub-request is
something that happens totally inside of Apache, so it does not really
have (nor need) a protocol. You just ask Apache to return the result of
getting "/location/object", without ever leaving the context of Apache
itself.
Now, a REDIRECT going back to the browser is another story, but above
you mention sub-requests, don't you ?
André
Re: [MP2]lookup_uri and HTTPS
Posted by titetluc titetluc <ti...@gmail.com>.
André, Torsten
Thank you for your answer (sorry for the delay)
No, Andre, your are not impertinent. I thought I had a problem related to
the request scheme, but in fact, my httpd configuration was wrong !!!
2008/7/1 Torsten Foertsch <to...@gmx.net>:
> On Tue 01 Jul 2008, titetluc titetluc wrote:
> > I am writing an handler generating sub-requests by using the lookup_uri
> and
> > run (Apache2::SubRequest) methods.
> > My question is : is it technically possible to generate HTTPS sub-request
> > (I observed that sub-requests were using HTTP)
>
> No, none of the protocols is used to make subreqs. HTTP/HTTPS are network
> protocols. With subreqs there is no network. A subreq is like a recursive
> call of the same request answering machine. Hence, HTTPS? is irrelevant.
> Normally the document accessed via a subreq has to be accessible locally.
>
> > using the mod_perl API ? If
> > yes, which API do I have to use (I can not find any examples, or I tried
> > the APR::URI class but unsuccessfully) ?
> > If not, which solution is possible (using LWP ?)
>
> But it can be any kind of document apache can serve. So it can be a regular
> file, something dynamically created (CGI/PHP/modperl etc) or even a
> document
> for which the current server acts as proxy.
>
> So in your case I see 2 options:
>
> 1) implement the included document via a CGI/modperl handler using LWP or
> similar
>
> 2) use mod_proxy as reverse proxy
>
> In both cases it's not possible to proxy an established SSL identity
> (client
> certificate) to the backend server due to the nature of SSL. Nor can your
> client verify the identity of the backend.
>
> If possible I'd go for the mod_proxy version. 1) it doesn't load perl
> routines
> in memory. 2) it passes the data an almost as fast as possible whereas
> homegrown LWP solutions tend to buffer the whole document before sending
> any
> output.
>
> But mod_proxy has also drawbacks. It is very difficult to make a POST
> request
> to the backend this way and feed it some data. I once had a similar problem
> when I wanted to include a proxied document and pass on the POST input of
> the
> original request to the backend. In the end I did it in Perl.
>
> Torsten
>
> --
> Need professional mod_perl support?
> Just hire me: torsten.foertsch@gmx.net
>
Re: [MP2]lookup_uri and HTTPS
Posted by Torsten Foertsch <to...@gmx.net>.
On Tue 01 Jul 2008, titetluc titetluc wrote:
> I am writing an handler generating sub-requests by using the lookup_uri and
> run (Apache2::SubRequest) methods.
> My question is : is it technically possible to generate HTTPS sub-request
> (I observed that sub-requests were using HTTP)
No, none of the protocols is used to make subreqs. HTTP/HTTPS are network
protocols. With subreqs there is no network. A subreq is like a recursive
call of the same request answering machine. Hence, HTTPS? is irrelevant.
Normally the document accessed via a subreq has to be accessible locally.
> using the mod_perl API ? If
> yes, which API do I have to use (I can not find any examples, or I tried
> the APR::URI class but unsuccessfully) ?
> If not, which solution is possible (using LWP ?)
But it can be any kind of document apache can serve. So it can be a regular
file, something dynamically created (CGI/PHP/modperl etc) or even a document
for which the current server acts as proxy.
So in your case I see 2 options:
1) implement the included document via a CGI/modperl handler using LWP or
similar
2) use mod_proxy as reverse proxy
In both cases it's not possible to proxy an established SSL identity (client
certificate) to the backend server due to the nature of SSL. Nor can your
client verify the identity of the backend.
If possible I'd go for the mod_proxy version. 1) it doesn't load perl routines
in memory. 2) it passes the data an almost as fast as possible whereas
homegrown LWP solutions tend to buffer the whole document before sending any
output.
But mod_proxy has also drawbacks. It is very difficult to make a POST request
to the backend this way and feed it some data. I once had a similar problem
when I wanted to include a proxied document and pass on the POST input of the
original request to the backend. In the end I did it in Perl.
Torsten
--
Need professional mod_perl support?
Just hire me: torsten.foertsch@gmx.net