You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by LeVon Smoker <ls...@hrcsb.org> on 2010/06/03 21:30:53 UTC
[users@httpd] Rails, fcgid and environment variables
Is there a way to make environment variables stay set when using mod_fcgid?
I have the following section in an apache config:
<VirtualHost x.x.x.x:80>
ServerName local.domain
DocumentRoot /var/www/myapp/charts
RewriteEngine On
<Directory />
AuthName "Charts"
AuthType Basic
AuthBasicProvider ldap
AuthLDAPBindDN ldapbind@local.domain
AuthLDAPBindPassword xxx
AuthLDAPUrl ldap://x.x.x.x:3268/?sAMAccountName,memberOf?sub
AuthzLDAPAuthoritative off
Require ldap-group cn=Charts,ou=Groups,dc=hrcsb,dc=org
Require ldap-group cn=IT,ou=Groups,dc=hrcsb,dc=org
Require valid-user
</Directory>
RewriteCond %{ENV:AUTHENTICATE_MEMBEROF} (.*cn=(charts|it),.*) [NC]
RewriteCond %{QUERY_STRING} ^(?!(.*batches=true.*))
RewriteRule ^/charts
https://charts.local.domain/charts/?batches=true [L]
RewriteCond %{ENV:AUTHENTICATE_SAMACCOUNTNAME} (.+)
RewriteCond %{ENV:AUTHENTICATE_MEMBEROF} ^(?!(.*cn=(charts|it),.*)) [NC]
RewriteCond %{QUERY_STRING} (.*batches=true.*) [NC]
RewriteRule ^/charts https://charts.local.domain/charts/? [L]
</VirtualHost>
The problem is that with fcgid, the environment variables get unset for
some requests so my rewrites don't work.
Any ideas?
--
LeVon Smoker
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Rails, fcgid and environment variables
Posted by "Thomas, Peter" <pt...@HPTI.com>.
With Rails & phusion -- and thus likely with fcgid -- the environment
variables you are seeing are likely what was in the Apache subprocess
when your persistent Rails or--more generaly--fcgid--process was
spawned. To be safe, I suggest you clear them during Ruby
initialization, to avoid confusion later.
The per-request AUTHENTICATE_* variables from are NOT in the separate
Rails process environment--they are passed as request headers.
--Pete
> -----Original Message-----
> From: LeVon Smoker [mailto:lsmoke@hrcsb.org]
> Sent: Thursday, June 03, 2010 3:31 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] Rails, fcgid and environment variables
>
> Is there a way to make environment variables stay set when
> using mod_fcgid?
>
> I have the following section in an apache config:
> <VirtualHost x.x.x.x:80>
> ServerName local.domain
> DocumentRoot /var/www/myapp/charts
>
> RewriteEngine On
>
> <Directory />
>
> AuthName "Charts"
> AuthType Basic
> AuthBasicProvider ldap
> AuthLDAPBindDN ldapbind@local.domain
> AuthLDAPBindPassword xxx
> AuthLDAPUrl ldap://x.x.x.x:3268/?sAMAccountName,memberOf?sub
> AuthzLDAPAuthoritative off
> Require ldap-group cn=Charts,ou=Groups,dc=hrcsb,dc=org
> Require ldap-group cn=IT,ou=Groups,dc=hrcsb,dc=org
> Require valid-user
>
> </Directory>
>
> RewriteCond %{ENV:AUTHENTICATE_MEMBEROF}
> (.*cn=(charts|it),.*) [NC]
> RewriteCond %{QUERY_STRING} ^(?!(.*batches=true.*))
> RewriteRule ^/charts
> https://charts.local.domain/charts/?batches=true [L]
>
> RewriteCond %{ENV:AUTHENTICATE_SAMACCOUNTNAME} (.+)
> RewriteCond %{ENV:AUTHENTICATE_MEMBEROF}
> ^(?!(.*cn=(charts|it),.*)) [NC]
> RewriteCond %{QUERY_STRING} (.*batches=true.*) [NC]
> RewriteRule ^/charts https://charts.local.domain/charts/? [L]
>
> </VirtualHost>
>
> The problem is that with fcgid, the environment variables get
> unset for some requests so my rewrites don't work.
>
> Any ideas?
> --
> LeVon Smoker
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org