Board index Unix Web Servers

Running Apache from inetd with authorization

Running Apache from inetd with authorization

Post by Tolliver Johnny » Sat, 16 Mar 1996 04:00:00



Has anyone successfully configured Apache to run from inetd? If so, what are
the tricks needed? I've tried on both HP-UX 10.x and IBM AIX 4.1. Both fail with
similar symptoms if I attempt to use username/password authorization. Those
symptoms are that a daemon gets launched when a Netscape client attempts to
connect but the client then gets denied with an Authorization Required (401)
error without even putting up a login box.

On the IBM, if I disable authorization by commenting out the AuthUserFile, etc.
lines in access.conf, then it works -- Netscape gets in successfully. But on the
HP, even after disabling authorization, the daemon starts up as before and then
dies as before after sending and error 401 to the client.

Should authorization work when launching from inetd?

How to make it work?

What could be different on the HP such that the daemon craps out even with
authorization turned off?

Thanks,
--
Johnny Tolliver
Oak Ridge National Laboratory

 
 
 
Top

1. External Authorization in Apache--runs too many times

I'm running Apache/1.2b7 on a Linux box.

I downloaded a module for external authorization (from
ftp://ftp.apache.org/apache/dist/contrib/modules/mod_auth_external.c)
which runs gives an external program a username and password and
waits for an exit value.

When the username/password is *invalid*, everything works fine.

The problem is when the username/password is *valid*. It seems this
module runs my verification program 3-4 times. This is a problem because
my program has a side effect of sending mail so I get the same mail sent
3-4 times for one successful access.

Any ideas how to fix this?

If it matters, I'm trying to do basic user authorization and not group.
In my httpd.conf file, I added:
  AddExternalAuth testing /bin/verifier
and in my .htaccess file for the directory I'm controlling, I put:
  AuthName Testing-Area
  AuthExternal testing
  AuthType Basic
  require valid-user

So, am I even using this module correctly? If so, how can I keep
it from running the external verifier over and over for just one access?

Any help is appreciated!

P.S. My first attempt at a solution was to set a global variable in the
mod_auth_external.c file called "externalProgramValue," initialized to -1.
Then, in the two places in the code where system is called, I replaced them
with code to see if externalProgramValue was still -1. If so, the
system command was executed and the value was stored in
externalProgramValue and used by the module. If externalProgramValue
was no longer -1, then the system command wasn't executed and the
earlier value was used.
However, this doesn't work because externalProgramValue needs to be
re-initialized to -1 everytime this module is used, and I can't
figure out how to do that.

--

Visit the Classic Home Games Museum at http://www.cs.unc.edu/~brownde/museum

2. please help !!!! Format hd problem

3. Q inetd/sockets: how to run my daemon from inetd???

4. locking shared object

5. Running Apache as inetd or standalone.

6. Root Logins

7. running apache and sock5 over inetd

8. iMac experiences?

9. LOST root authorisations - cannot run most progs

10. Apache & SecureID authorization

11. Apache: .cgi authorization bug?

12. Apache Authorization for Directory

13. problem with authorization on Apache 2.0.39


All times are UTC
Board index