You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Lukas Ruf <ru...@rawip.org> on 2002/12/27 23:02:17 UTC
[users@httpd] Identifying a session
Dear all,
is there an easy way to identify a session of a user?
Explaining my problem:
- I would like to login into some web page.
- After a succesful login, I have a valid session id -- that's what I
would like to have.
- This session id should be retrievable by any SSI or CGI running on
this web-page.
- Further, this session id should be invalidateable, i.e. the the
SSI/CGI scripts should be able to invalidate this id.
Is there any way to handle such a problem?
Thanks in advance.
Lukas
PS: If possible, I would like to avoid making use of cookies, i.e. the
whole procedure should be server-based only.
--
Lukas Ruf
http://www.lpr.ch
Wanna know anything about raw ip?
Join rawip@rawip.org on http://www.rawip.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Jurgen <ap...@squarehosting.com>.
Hi,
IP based would be a great solution, because you only needed to map the IP to the session id. You could even use the IP as sessionid. But as Chris already said, it is easily possible that on IP is used by several people. This is especially a problem if you deal with sensitive data. So all that's left is Cookies and URLs. With cookies you depend on the browsers and with URLs you will have a lot of work.
IF you would like it only apache based you could use mod-rewrite and use some Perl with the cookie value, but for that the cookie has to be set already and it really doesn't make much sense that way.
Jurgen
On Fri, 27 Dec 2002 23:49:15 -0000
"Chris Taylor" <ch...@x-bb.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hmmm, an interesting one. AFAIK this isn't possible with stock
> Apache. PHP and the like support session-based functions, but of
> course the SID is only accessible to PHP scripts. I think PHP's
> session functions allow you to do it without cookies, but with the ID
> pasted onto URLs (which can get annoying to code).
>
> JSP uses sessions internally I believe, but I've only just started
> messing around with it so I'm not certain how much you can do with
> this SID. I doubt it's accessible to other CGI engines, for one
> thing.
>
> If you're thinking along the lines of htaccess login-type stuff,
> you're out of luck, it doesn't involve a session of any kind on the
> server, it's all controlled at the browser end, no SID is used or
> needed.
>
> I think *maybe* you could do something like this using a text file or
> a database to store SIDs and manage the whole session thing yourself,
> maybe using Perl or another scripting language, but I can imagine it
> being quite a lot of work (considering PHP's session functions are
> already so simple to use) to implement.
>
> mod_usertrack lets you follow users, but I seem to remember cookies
> are essential. In fact, cookies are the best way to do this anyway,
> given that you need to be able to track multiple users from the same
> IP (like at a university). This would be pretty hard to implement
> purely server-side IMO :)
>
> HTH,
>
> Chris Taylor - chris@x-bb.org - The guy with the PS2 WebServer -
> http://www.x-bb.org/chris.asc
>
> - ----- Original Message -----
> From: "Lukas Ruf" <ru...@rawip.org>
> To: <us...@httpd.apache.org>
> Sent: Friday, December 27, 2002 10:02 PM
> Subject: [users@httpd] Identifying a session
>
>
> > Dear all,
> >
> > is there an easy way to identify a session of a user?
> >
> > Explaining my problem:
> > - I would like to login into some web page.
> > - After a succesful login, I have a valid session id -- that's what
> > I
> > would like to have.
> > - This session id should be retrievable by any SSI or CGI running
> > on
> > this web-page.
> > - Further, this session id should be invalidateable, i.e. the the
> > SSI/CGI scripts should be able to invalidate this id.
> >
> > Is there any way to handle such a problem?
> >
> > Thanks in advance.
> > Lukas
> > PS: If possible, I would like to avoid making use of cookies, i.e.
> > the
> > whole procedure should be server-based only.
> > --
> > Lukas Ruf
> > http://www.lpr.ch
> > Wanna know anything about raw ip?
> > Join rawip@rawip.org on http://www.rawip.org
> >
> > --------------------------------------------------------------------
> > - The official User-To-User support forum of the Apache HTTP Server
> > Project. See <URL:http://httpd.apache.org/userslist.html> for more
> > info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBPgzm+Cqf8lmE2RZkEQK9DwCfRqc3uDJfqI+//8FefohIlmYPducAoKOf
> //yYlgRopyVGotsUTdJXfXJc
> =NkOQ
> -----END PGP SIGNATURE-----
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Lukas Ruf <ru...@rawip.org>.
> Rich Bowen <rb...@rcbowen.com> [2002-12-28 17:27]:
>
>
> OK, in C, I don't know, having never done CGI in C. But in Perl, there
> are functions in CGI.pm to set and retrieve cookies. See the
> documentation for CGI.pm (perldoc CGI) for more details here.
>
I will start reading after dinner!
> > I would like to know how things work that's why I asked
> > for a good explanation/documentation. Is there something like an rfc
> > or a document on w3c.org?
>
> I'm not sure that cookies ever went through an RFC process, but perhaps
> they did. Here's the details:
>
Thanks! These details were exactly what I was looking for!
Lukas
--
Lukas Ruf
http://www.lpr.ch
Wanna know anything about raw ip?
Join rawip@rawip.org on http://www.rawip.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Lukas Ruf <ru...@rawip.org>.
* Rich Bowen <rb...@rcbowen.com> [2002-12-28 17:27]:
> On Sat, 28 Dec 2002, Lukas Ruf wrote:
>
> > > A cookie is just a means of setting a variable in a persistent
> > > manner. You send a Set-Cookie header, and you receive it back
> > > again the next time that the client visits. You use them as you
> > > would any other configuration variable. Most CGI libraries,
> > > for various languages, have some means of setting and reading
> > > cookies in a simplified manner. What language are you using?
> >
> > C and perl
>
> OK, in C, I don't know, having never done CGI in C. But in Perl,
> there are functions in CGI.pm to set and retrieve cookies. See the
> documentation for CGI.pm (perldoc CGI) for more details here.
>
maybe the following text is commodity knowledge -- however, I figured
out what to do for cookie-programming. Thanks to your hints!
Searching the web, I found:
<http://wp.netscape.com/newsref/std/cookie_spec.html> which explains
the cookies fairly well!
However, what cost me another couple of hours figuring out is the
"header". After loads of trials -- it is really trivial, if you know
:-)
My Test program.
-- snip
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv, char **envp)
{
int i = 0;
char *cookie = 0; /* NULL required unistd.h if I was not mistaken */
/* Standard Header as to be sent by the cgi script */
fprintf(stdout, "Content-Type: text/html\n");
fprintf(stdout, "Set-Cookie: NAME=NAME_VALUE;\n");
fprintf(stdout, "\n"); /* this line ends the header! */
fprintf(stdout,
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML Level 3//EN//3.0\"> \n");
fprintf(stdout, "<HTML>");
fprintf(stdout, "<HEAD>");
fprintf(stdout, "<TITLE>");
fprintf(stdout, "A Sample Cookie-Application");
fprintf(stdout, "</TITLE>");
fprintf(stdout, "</HEAD>\n");
fprintf(stdout, "<BODY>\n");
/* If the client accepted the cookie, the cookie would be visible in the
* same cgiScript then.
*/
if (NULL != (cookie = getenv("HTTP-COOKIE")))
fprintf(stdout, "Our funny cookie: %s\n<BR>", cookie);
else
fprintf(stdout, "Our funny cookie has not been accepted.\n<BR>");
/* Dump the complete set of environment variables */
for (i = 0; envp[i] && fprintf(stdout, "%s<BR>\n", envp[i]) > 0; i++);
fprintf(stdout, "</BODY>\n");
fprintf(stdout, "</HTML>");
}
-- snip
Well, as mentioned above -- maybe everyone knows this already.
However, I had been happy did I find such an example code on the web
two hours ago! So, it might be the case that someone in the future
will find this script helpful. Drop me a line at <ru...@maremma.ch> if
the example helped understanding,-)
wbr,
Lukas
PS: Some keywords for searching:
cookie programming c code cgi header dynamic
--
Lukas Ruf
http://www.lpr.ch
"Once you have solved the problem, the issue has become trivial!", lpr
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Lukas Ruf <ru...@rawip.org>.
> Chris Taylor <ch...@x-bb.org> [2002-12-28 17:30]:
>
>
> In the past, I normally use a Database with all my user details, and
> store a hash of the password (ie, something non reversible) and the
> user id in the cookie. That effectively means you can auth them on
> every page (check that the server-generated hash matches the cookie's
> one) without any trouble, and is sufficiently quick to execute.
>
> It also gives you a lot more options that using REMOTE_USER only.
> However, I generally design semi-secure sites (basic forums, add-on
> login functions etc). Of course, you can SSL on top of all this to
> add a bit of *real* security.
>
yupp! I will follow this hint to optimize my approach once I got it
working.
Thanks!
Lukas
--
Lukas Ruf
http://www.lpr.ch
Wanna know anything about raw ip?
Join rawip@rawip.org on http://www.rawip.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Chris Taylor <ch...@x-bb.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In the past, I normally use a Database with all my user details, and
store a hash of the password (ie, something non reversible) and the
user id in the cookie. That effectively means you can auth them on
every page (check that the server-generated hash matches the cookie's
one) without any trouble, and is sufficiently quick to execute.
It also gives you a lot more options that using REMOTE_USER only.
However, I generally design semi-secure sites (basic forums, add-on
login functions etc). Of course, you can SSL on top of all this to
add a bit of *real* security.
This is PHP btw, but I imagine this can be extended to Perl with a
bit of experience. The golden rule is probably to minimize the amount
in each cookie, then it's hard to work out how your system functions
from just seeing the cookie :) The less in it, the quicker it's
transferred each way as well...
Just my 2p,
Chris Taylor - chris@x-bb.org - The guy with the PS2 WebServer -
http://www.x-bb.org/chris.asc
- ----- Original Message -----
From: "Lukas Ruf" <ru...@rawip.org>
To: <us...@httpd.apache.org>
Sent: Saturday, December 28, 2002 3:57 PM
Subject: Re: [users@httpd] Identifying a session
>
> > Rich Bowen <rb...@rcbowen.com> [2002-12-28 16:53]:
> >
> >
> > Yes, if REMOTE_USER is set, you can be confident that the user
> > correctly made it through the authentication phase.
> >
> so, I am save with https and REMOTE_USER ,-) Thanks!
>
> > > Is there somewhere any good explanation how to program with
> > > cookies?
> >
> > A cookie is just a means of setting a variable in a persistent
> > manner. You send a Set-Cookie header, and you receive it back
> > again the next time that the client visits. You use them as you
> > would any other configuration variable. Most CGI libraries, for
> > various languages, have some means of setting and reading cookies
> > in a simplified manner. What language are you using?
> >
> C and perl
>
> Thanks for your explanation. This Set-Cookie header makes part of
> the web-page header?
>
> I would like to know how things work that's why I asked
> for a good explanation/documentation. Is there something like an
> rfc or a document on w3c.org?
>
> wbr,
> Lukas
> --
> Lukas Ruf
> http://www.lpr.ch
> Wanna know anything about raw ip?
> Join rawip@rawip.org on http://www.rawip.org
>
> --------------------------------------------------------------------
> - The official User-To-User support forum of the Apache HTTP Server
> Project. See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBPg3RpSqf8lmE2RZkEQKekgCfQVP4jYZ5P94jKN/WJe3U6TjKPjIAoPWC
dI8KqlB7rH9XKCX/mfkAw5Yk
=hYdl
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Rich Bowen <rb...@rcbowen.com>.
On Sat, 28 Dec 2002, Lukas Ruf wrote:
> > A cookie is just a means of setting a variable in a persistent manner.
> > You send a Set-Cookie header, and you receive it back again the next
> > time that the client visits. You use them as you would any other
> > configuration variable. Most CGI libraries, for various languages, have
> > some means of setting and reading cookies in a simplified manner. What
> > language are you using?
> >
> C and perl
OK, in C, I don't know, having never done CGI in C. But in Perl, there
are functions in CGI.pm to set and retrieve cookies. See the
documentation for CGI.pm (perldoc CGI) for more details here.
> Thanks for your explanation. This Set-Cookie header makes part of the
> web-page header?
That's correct. However, if you use one of the libraries to get at them,
you don't really need to be concerned about the details.
> I would like to know how things work that's why I asked
> for a good explanation/documentation. Is there something like an rfc
> or a document on w3c.org?
I'm not sure that cookies ever went through an RFC process, but perhaps
they did. Here's the details:
The server (ie, your CGI program) sends a Set-Cookie header
Set-Cookie: name=value
The browser sends back, to the same server that sent it, that same
cookie:
HTTP_COOKIE="Name=Value"
Which you can retrieve from the environment:
$cookie=$ENV{HTTP_COOKIE};
or, using the CGI module:
use CGI;
$query = new CGI;
$riddle = $query->cookie('name');
You can do a lot more with cookies than that, and I'd really recommend
looking at the docs to the CGI module for details, since it teaches you
all about cookies, but also a programmatic interface to them, which is
more practical knowledge.
--
Oh I have slipped the surly bonds of earth
And danced the sky on laughter-silvered wings
--High Flight (John Gillespie Magee)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Lukas Ruf <ru...@rawip.org>.
> Rich Bowen <rb...@rcbowen.com> [2002-12-28 16:53]:
>
>
> Yes, if REMOTE_USER is set, you can be confident that the user correctly
> made it through the authentication phase.
>
so, I am save with https and REMOTE_USER ,-) Thanks!
> > Is there somewhere any good explanation how to program with cookies?
>
> A cookie is just a means of setting a variable in a persistent manner.
> You send a Set-Cookie header, and you receive it back again the next
> time that the client visits. You use them as you would any other
> configuration variable. Most CGI libraries, for various languages, have
> some means of setting and reading cookies in a simplified manner. What
> language are you using?
>
C and perl
Thanks for your explanation. This Set-Cookie header makes part of the
web-page header?
I would like to know how things work that's why I asked
for a good explanation/documentation. Is there something like an rfc
or a document on w3c.org?
wbr,
Lukas
--
Lukas Ruf
http://www.lpr.ch
Wanna know anything about raw ip?
Join rawip@rawip.org on http://www.rawip.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Rich Bowen <rb...@rcbowen.com>.
On Sat, 28 Dec 2002, Lukas Ruf wrote:
> > If you're thinking along the lines of htaccess login-type stuff,
> > you're out of luck, it doesn't involve a session of any kind on the
> > server, it's all controlled at the browser end, no SID is used or
> > needed.
> >
> However, by the browser based identification, there must be something
> like a hashed key, isn't it? I mean, if my scripts get executed with
> a valie REMOTE_USER name, I can be sure that the user has correctly
> loged in, can't I?
Yes, if REMOTE_USER is set, you can be confident that the user correctly
made it through the authentication phase.
> Is there somewhere any good explanation how to program with cookies?
A cookie is just a means of setting a variable in a persistent manner.
You send a Set-Cookie header, and you receive it back again the next
time that the client visits. You use them as you would any other
configuration variable. Most CGI libraries, for various languages, have
some means of setting and reading cookies in a simplified manner. What
language are you using?
--
Rich Bowen - rbowen@rcbowen.com
ReefKnot - http://www.reefknot.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Lukas Ruf <ru...@rawip.org>.
> Chris Taylor <ch...@x-bb.org> [2002-12-28 00:50]:
>
> If you're thinking along the lines of htaccess login-type stuff,
> you're out of luck, it doesn't involve a session of any kind on the
> server, it's all controlled at the browser end, no SID is used or
> needed.
>
However, by the browser based identification, there must be something
like a hashed key, isn't it? I mean, if my scripts get executed with
a valie REMOTE_USER name, I can be sure that the user has correctly
loged in, can't I?
>
> mod_usertrack lets you follow users, but I seem to remember cookies
> are essential. In fact, cookies are the best way to do this anyway,
> given that you need to be able to track multiple users from the same
> IP (like at a university). This would be pretty hard to implement
> purely server-side IMO :)
>
Is there somewhere any good explanation how to program with cookies?
Thanks!
Lukas
--
Lukas Ruf
http://www.lpr.ch
Wanna know anything about raw ip?
Join rawip@rawip.org on http://www.rawip.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Identifying a session
Posted by Chris Taylor <ch...@x-bb.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hmmm, an interesting one. AFAIK this isn't possible with stock
Apache. PHP and the like support session-based functions, but of
course the SID is only accessible to PHP scripts. I think PHP's
session functions allow you to do it without cookies, but with the ID
pasted onto URLs (which can get annoying to code).
JSP uses sessions internally I believe, but I've only just started
messing around with it so I'm not certain how much you can do with
this SID. I doubt it's accessible to other CGI engines, for one
thing.
If you're thinking along the lines of htaccess login-type stuff,
you're out of luck, it doesn't involve a session of any kind on the
server, it's all controlled at the browser end, no SID is used or
needed.
I think *maybe* you could do something like this using a text file or
a database to store SIDs and manage the whole session thing yourself,
maybe using Perl or another scripting language, but I can imagine it
being quite a lot of work (considering PHP's session functions are
already so simple to use) to implement.
mod_usertrack lets you follow users, but I seem to remember cookies
are essential. In fact, cookies are the best way to do this anyway,
given that you need to be able to track multiple users from the same
IP (like at a university). This would be pretty hard to implement
purely server-side IMO :)
HTH,
Chris Taylor - chris@x-bb.org - The guy with the PS2 WebServer -
http://www.x-bb.org/chris.asc
- ----- Original Message -----
From: "Lukas Ruf" <ru...@rawip.org>
To: <us...@httpd.apache.org>
Sent: Friday, December 27, 2002 10:02 PM
Subject: [users@httpd] Identifying a session
> Dear all,
>
> is there an easy way to identify a session of a user?
>
> Explaining my problem:
> - I would like to login into some web page.
> - After a succesful login, I have a valid session id -- that's what
> I
> would like to have.
> - This session id should be retrievable by any SSI or CGI running
> on
> this web-page.
> - Further, this session id should be invalidateable, i.e. the the
> SSI/CGI scripts should be able to invalidate this id.
>
> Is there any way to handle such a problem?
>
> Thanks in advance.
> Lukas
> PS: If possible, I would like to avoid making use of cookies, i.e.
> the
> whole procedure should be server-based only.
> --
> Lukas Ruf
> http://www.lpr.ch
> Wanna know anything about raw ip?
> Join rawip@rawip.org on http://www.rawip.org
>
> --------------------------------------------------------------------
> - The official User-To-User support forum of the Apache HTTP Server
> Project. See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBPgzm+Cqf8lmE2RZkEQK9DwCfRqc3uDJfqI+//8FefohIlmYPducAoKOf
//yYlgRopyVGotsUTdJXfXJc
=NkOQ
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org