apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luke Kenneth Casson Leighton <l...@samba-tng.org>
Subject xvl, mod_xvl, mod_auth_xvl, mod_access_xvl is next?
Date Fri, 22 Jun 2001 12:56:11 GMT
hi there,

well, i just wanted to write this and let you know what i'm
up to, and also cos i feel like celebrating a bit, i thought
i'd share news on what's been happening with xvl.

i started on xvl eight months ago, it's now what i think raph
levien wanted mod_virgule (running advogato.org) to become,
if you read his release notes.

i'd been meaning to adopt APR lib for quite a while.  due to
xvl's origins, as an apache module, i had clearly been thinking
about it far, far longer than it actually took to _do_ the
conversion, which has been about... 4 hours, total, so far
(still have to do apr_lock_xxx(), signals, and also
help with apr_namedpipe_xxx so i can use it :)

were there any problems with using the latest cvs of APR??
urrr.... nope!  [great work guys!  love it! :)]

when i mentioned xvl on new-httpd 1-month-back, someone there
said, errr, welll... why does xvl have its own authentication?
why not use mod_auth_xxx?  well, the reason was because,
and mod_virgule still does, *completely* take over the
handling of a Directory or VirtualHost.  and i mean *everything*.
so you lost .htaccess, mime-types, all other mod_xxxes -

well, i decided about three days ago that this wasn't good enough,
so... well... it's good enough for me, now, and as a result,
xvl is now a 'registered mime type', _and_, hee hee, i
cut/paste mod_auth and now have mod_auth_xvl.  which reminds me.

@begin Official Notice:

Copyright and ownership of the file mod_auth_xvl.c is hereby
assigned unconditionally to the Apache Software Foundation.

[presumably for them to release under the Apache License.]

I'd appreciate it if authorship could remain
'Luke Kenneth Casson Leighton'.

@end Official Notice

i'll do the same for mod_access_xvl when i do it, probly
this w/e.

btw, whoever wrote those two files, mod_auth.c and mod_access.c,
and whoever designed the apache architecture that made it
a trivial, *trivial* task to create different authentication
and access systems in about 3 hours flat... WELL DONE! 
i danced round the room a bit when i got my first HTTP
Basic authorization... and danced some more when i got
an authorization failure :) :)

mod_auth_xvl.c doesn't support groups, yet, because... well,
i _did_ put groups into an example xvl codebase, once, but
they turned out to be a bit difficult to conceptually follow
[hey, i'd like to be a member of this group, but not that
one.  so i Certify myself as a member of a group, and then
other people - the Admins for the group and all cascading
members from them via the Trust Metric Evaluation - must also
Certify me as a member of the group??? whoo, hooo :) ].

once i have a clear, CLEAR way to think about groups, i'll
add them.  at the moment, they're not exactly needed.  but
then again, the whole point of xvl - not that it's limited
to it, it's way, way more - is to be a Community Forum Engine
and Document Manipulation Engine.

...but think about it.  you want a php page to only be accessed
by a Certified Apprentice-or-above?  no problem, just put a section
in httpd.conf or .htaccess:

	XvlDb /usr/local/virgule
	Type AdvogatoDeveloper
	MinLevel Apprentice
	Seeds raph alan miguel

wow, big deal.  the only thing you lose by doing this
is flexibility: you can't do individual sub-sections
of pages, like you can with .xvl filetypes, but it's
better than nothing at all, which is the present
situation :) :)

anyway, onward with development-related questions that i hope
you might be able to answer.

1) where can anyone think of appropriate places to do 
release notification of xvl?  i mean, there's python.org's
announce list, but that's for python.  where the heck do
i do a release notification of a new scripting language,
for pity's sake? :) :)

2) during my experimentation with httpd.conf and mod_xvl
and mod_auth_xvl, i came across a bug/problem.

mod_xvl has a directive XvlDb /usr/local/virgule which is
the site database directory location.

mod_auth_xvl needs to read this same directory, but not
necessarily so: you could specify a different XvlDb

so, what did i do?  i added the directive XvlDb to mod_auth_xvl
too - same name, cut/paste code job, in fact.

what happened?  apache crashed on every page access.
it seems that it doesn't like two modules having the same
directive names.

so, *groan*, i had to rename the mod_auth_xvl Directive
to AuthXvlDb.  which doesn't make me very happy.

how, inside another apache module, if this Directive AuthXvlDb
doesn't exist, do i 'obtain' the string associated with the
Directive named XvlDb which that module _won't_ be responsible

the answer is probably very simple, i just don't know it :)

3) is there anyone out there who is willing to do a code review?
it's only 16,000 LOC.  however, i'm a little concerned
that, by using the APR architecture, i may have missed something.

4) anyone out there willing to get involved with this project,
help out developing it - which to be honest i would rather
was a pruning job of *removing* as much code as possible!


basically, i'm really enjoying this little project.  the
only thing that makes me slightly nervous is that it's,
well... new!  new means 'warts'.  surprisingly, new _doesn't_
mean 'unstable', here.  but i added the dso-loading
(apr_dso_load YESSS :) to help with that, so people can
Roll Their Own, basically.

i added support for <xincludes> and XSL / Transform,
thanks to daniel veillard's advice (and excellent work)
as a result, but even then, you still need xvl as a
'launch' platform because XSLT needs *two* files as input
*and* a table of input-params in order to generate output.

whoopsie :)

all best,


View raw message