You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ryan A <r...@jumac.com> on 2003/01/12 01:15:03 UTC

[users@httpd] George Valpack-->Re: [users@httpd] OT-Getting info and DAP etc clients

Hi,
I am more of a PHP and java programmer, is learning PERL hard? or  can you
give me a good resource on the web to learn perl and using the mod_perl
module?

Cheers,
-Ryan A.


----- Original Message -----
From: "George Valpak" <gv...@yahoo.com>
To: <us...@httpd.apache.org>
Sent: Sunday, January 12, 2003 12:50 AM
Subject: Re: [users@httpd] OT-Getting info and DAP etc clients


> At 06:51 PM 1/11/2003 -0500, you wrote:
> >George Valpak wrote:
> >>What if you only allowed x (maybe x=1) simultaneous logins? This
> >>could be managed at authorization time.
> >
> >HTTP is stateless, you can't track how many times a person is "logged in"
or when they log out.
> >
> >It may appear that you only have to log in at the start of a session, but
actually the browser remembers that you had to send authorization
information and continues to send it for each future page requested.
>
> I admit I picked up the thread in the middle, but isn't he talking about
preventing password sharing? If so, then he must know if a particular
account is in use ("logged in" at any given time).
>
> Oh wait, you have to use something other than Basic Authentication for
that, which could mean writing a handler to handle the
authentication/authorization. Since I do all my work under mod_perl, I do
that all the time and sort of forgot it is not available by default.
>
> So let me rephrase my original answer:
>
> If  you are able to create an authentication/authorization handler, then
you can use something other than Basic authentication to track whether or
not someone is logged in. You could then prevent or at least manage,
simultaneous logins as needed. This could, depending on your reasons for
wanting to prevent pw sharing, help a lot.
>
> Sessions can help, but authorization happens at an earlier stage in
Apache's processing cycle and so you could catch folks before a session is
even created for them.
>
> GV
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Re: [users@httpd] George Valpack-->Re: [users@httpd] OT-Getting info and DAP etc clients

Posted by George Valpak <gv...@yahoo.com>.
At 01:15 AM 1/12/2003 +0100, you wrote:
>Hi,
>I am more of a PHP and java programmer, is learning PERL hard? or  can you
>give me a good resource on the web to learn perl and using the mod_perl
>module?

Perl's motto is "there is more than way to do it" so there isn't a good answer to "is it hard" :)

I suggest starting at www.perl.org for general perl stuff, and www.apache.org for apache stuff - there is extensive mod_perl help there.

I think you really are looking at apache issues so look up about the authentication/authorization phases of the apache cycle.

I don't know the configuration of your server - mod_perl may or may not be installed. It gets installed at apache build time, at least by me. apache.org can tell you if there is a way to do otherwise, but I am not sure about if it is or not.

I also would suspect you can get similar abilities from mod_php which may or may not be installed. I don't know the definitive source for info on that, but I do know there is a brand new php cookbook from O'Reilley which might address using mod_php to access apache internals as mod_perl does. 

Googling "php apache authentication" might turn up some useful stuff. I don't think what I described earlier strictly needs to be implemented in perl, just that is the world I come from. You could probably do it in Java too - substitute java for php in that google suggestion.

GV



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org