You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Garth Winter Webb <ga...@perijove.com> on 2003/02/19 08:50:08 UTC
Re: [users@httpd] Apache 2 uses relative pathnames when executing
cgi scripts?
This doesn't exactly answer your question, but it may solve your problem
anyway. You force a call to 'login.cgi' on every request to make sure
the user is legitimate, correct? Why do a rewrite when Apache has
facilities for this already?
Check out the PerlAccessHandler directive (you need mod_perl loaded):
http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAccessHandler
You give it the name of a Perl module containing a subroutine named
'handler'. This subroutine will be run for every request that the
server processes. This happens around the time in the request cycle
when Apache is checking for .htaccess file based authentication
control. Because of this its guaranteed to run before the CGI script
named in the URL does. If the request fails to authenticate itself
properly, you can redirect to an error or login page. If it succeeds
then the request will continue.
This way, you don't have to do a rewrite for nearly every single request
(don't forget image, style sheet and javascript file requests that
happen with every page load). Not only will you save time per request
by avoiding the rewrite, you won't need a mini-apache in login.cgi
serving whatever page is "$1&%{QUERY_STRING}".
Garth
On Tue, 2003-02-18 at 22:47, Mark Ferraretto wrote:
> Hello all,
>
> I have a web site that I've been testing under apache 1.3.26 and also apache 2.0.44. I prepend 'login.cgi' to all the scripts I run to enforce a login policy. I do this using mod_rewrite. I've noticed that under apache 2.0.44, login.cgi is executed after what looks like a chdir to the document root directory:
>
> nobody 17839 17080 1 12:17:49 ? 0:00 /db/bin/perl login.cgi
>
> On apache 1.3.26, this script is called with its full pathname:
>
> nobody 17932 29089 1 12:21:08 ? 0:00 /db/bin/perl /home/ferrarm/src/dbuser/htdocs/login.cgi
>
> I want the same behaviour to happen on 2.0.44 as well.
>
> I've looked up the manuals and searched Google but haven't been able to find out anything about this. I use the same document root for both the 1.3 and 2.0 installations.
>
> Can anyone help?
>
> The mod_rewrite rules are the same for both installations so it doesn't seem to be the cause. Here's an example anyway.
>
> DocumentRoot /home/ferrarm/src/dbuser/htdocs
>
> <Directory "/home/ferrarm/src/dbuser/htdocs">
> Options ExecCGI SymLinksIfOwnerMatch
> Order allow,deny
> Allow from all
> RewriteEngine on
> RewriteBase /home/ferrarm/src/dbuser/htdocs
> RewriteCond %{REQUEST_FILENAME} !/nph-logout\.cgi$
> RewriteCond %{REQUEST_FILENAME} !/login\.cgi$
> RewriteRule ^(.+\.cgi$)$ /login.cgi?cgi=/home/ferrarm/src/dbuser/htdocs/$1&%{QUERY_STRING} \
> [L,E=DBUSER_PRODUCTION:0]
> </Directory>
>
>
> Thanks
>
> Mark
>
> --
> Mark Ferraretto
> Unix Systems Administrator
> Deutsche Bank Hong Kong
> w: +852 2203 6362 m: +852 9558 8032
> mark.ferraretto@db.com
>
>
> --
>
> This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
--
Garth Winter Webb <ga...@perijove.com>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org