httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <>
Subject Re: mod_fcgid - cannot get authorizer process to be started
Date Wed, 30 Sep 2009 16:11:06 GMT
On Wed, Sep 30, 2009 at 11:37 AM, Barry Scott <>wrote:

> At this point let me ask this:
> Is it possible with the current code to ever have the fcgid Authorizer
> called?


This works for me, though it uses the unfortunate valid-group hack with
httpd 2.2 so that no authorizers running before fcgid think they should

<Location /docs>
  <IfVersion >= 2.2>
  AuthBasicAuthoritative Off
# AuthBasicProvider foo

  # work around problem with AAA in mod_fcgid (it can't track more than
  # one AAA script per URL, and even then the URL can't be handled by a
  # FastCGI app)
  # FastCgiAccessChecker %%MYHG%%/apache/fastcgi/apps/
  # FastCgiAuthenticator %%MYHG%%/apache/fastcgi/apps/
  # FastCgiAuthorizer    %%MYHG%%/apache/fastcgi/apps/

  FastCgiAccessChecker %%MYHG%%/apache/fcgid/apps/
  FastCgiAuthenticator %%MYHG%%/apache/fcgid/apps/
  FastCgiAuthorizer    %%MYHG%%/apache/fcgid/apps/

  FastCgiAccessCheckerAuthoritative On
  FastCgiAuthenticatorAuthoritative On
  FastCgiAuthorizerAuthoritative    On

  AuthType Basic
  AuthName "foo"

  <IfVersion < 2.3>

  <IfVersion < 2.2>
    Require group foo

  <IfVersion >= 2.2>
    Require valid-group

    Order allow,deny
    Allow from all

  <IfVersion >= 2.3>
    Require group foo


> If it is not possible I'm willing to try and code the missing pieces, with
> a little
> help being pointed in the right direction.

I hope some "require" experts could jump in ;)

A good solution might be to associate a script with a particular
require-ment so that mod_fcgid can check the Require for any require-ments
implemented by a FastCGI script.

[too] simple example:

FCGIDRequire mydb-user /path/to/my/

<Location /foo>
  Require mydb-user

View raw message