httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Barry Scott <barry.sc...@onelan.co.uk>
Subject mod_fcgid POST broken if FcgiAuthorizer is run
Date Fri, 09 Oct 2009 16:04:26 GMT
This has been filed as issue 
https://issues.apache.org/bugzilla/show_bug.cgi?id=47973

Further testing of our application has shown up a problem using
mod_fcgid 2.3.4.

With the following configuration we are seeing the request body
of POST messages get stripped out if FcgidAuthorizer is used for
Location /player.  If we comment out the "Require onelan magic" the
POSTs work.

Looking at bridge_request we see the code is reading the input buckets
and feeding then to the Authorizer.

It seems to us that:

Either this must not happen if the fcgid is an authorizer
or the buckets must be put back for whatever handles
the POST to process.

Barry


...
LoadModule fcgid_module modules/mod_fcgid.so

FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1
FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1
FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1


<VirtualHost *:80>

   #+ Rewrite Web API Rules
   RewriteEngine on

   # security - deny TRACE and TRACK requests
   RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
   RewriteRule .* - [F]
   #- Rewrite Web API Rules

   #+ Rewrite Web API Rules
   # make the URLs hide the use of dsm.fcgi
   RewriteRule ^/$ /dsm.fcgi [L]
   RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) 
/dsm.fcgi/$1$2 [L]
   #- Rewrite Web API Rules

   #+ Rewrite XML API Rules
   # make the URLs hide the use of dsmxml.fcgi
   RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L]
   #- Rewrite XML API Rules

   #+ Rewrite VPN
   ReWriteMap ntb_ip_address 
prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address
   RewriteRule ^/player/(\d+)\.(.*) 
http://${ntb_ip_address:$1}:8080/player/$1.$2 [P]
   #- Rewrite VPN

   #+ Locations Web VPN API
   <Location /player>
         #+ HTTP auth file
       Order allow,deny
       Allow from all
       AuthType Digest
       AuthName "Manager System"
       AuthGroupFile /etc/onelan/common/http.group
       AuthUserFile /etc/onelan/common/http.passwd
       Require onelan magic
       #- HTTP auth file

       FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi
   </Location>
</VirtualHost>



Mime
View raw message