httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Gazeley <jonathan.gaze...@bristol.ac.uk>
Subject Re: [users@httpd] Error 403 with POST but not GET
Date Wed, 10 Jun 2009 13:06:41 GMT
Hi Andre,

Thanks for your reply

registerMAC.pl accepts username, MAC address and device type as 
arguments so users can register their devices in our database. The 
database is later relied on for authentication with FreeRADIUS, but this 
perl script does not do authorization or authentication. This script 
simply validates and inserts the values.

When POSTing to the script, the 403 is returned so fast that there 
clearly isn't time for the script to run.

I am indeed using CGI.pm but it's the same version on both servers - 
they are both running CentOS 5 with the standard stuff from 
repositories. Perl is also the same version.

I should probably also add that while I am using mod_cas.so for 
authorisation, the same behaviour occurs if I run the server without CAS.

Any ideas?

Thanks,
Jonathan


André Warnier wrote:
> Jonathan Gazeley wrote:
>>
>> x.x.x.x - jg4461 [09/Jun/2009:07:18:32 +0100] "GET 
>> /cgi-bin/registerMAC.pl?ticket=ST-39049938-KDf1eIxd5gH0dodU8KzX 
>> HTTP/1.1" 200 4792
>> x.x.x.x - - [09/Jun/2009:07:19:40 +0100] "POST 
>> /cgi-bin/registerMAC.pl HTTP/1.1" 403 313
>>
> Just from the name and arguments of the script, I'd guess that the 
> script itself has something to do with authentication/authorisation, 
> and that it may well be /it/ which returns the 403 error.
> Since the script is perl, to handle these requests it may very well be 
> using the CGI.pm (perl library) module, and this module (and perl) may 
> be another version on your new server.  This different version in turn 
> may very well be interpreting GET and POST arguments differently from 
> the previous one.
> In a POST, arguments are sent in the /body/ of the HTTP request, not 
> only in the URL.  That's why you do not see some arguments in the 
> access log.
>
> If you care to send me the script or post it somewhere for a look, I 
> could probably tell you more.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server 
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


-- 
----------------------------
Jonathan Gazeley
Systems Support Specialist
ResNet | Wireless & VPN Team
Information Services
University of Bristol
----------------------------


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message