httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stormy <>
Subject Re: [users@httpd] Followup to [Bug 50028] (LDAP authentication with encrypted passwords)
Date Sat, 30 Mar 2013 17:51:23 GMT
At 12:05 PM 3/30/2013 +1000, Noel Butler wrote:
>Sounds like a package manager problem to me

I'm not sure of that, but I'm not a php expert :(  Just been doing some 
testing on the sandbox (dpkg --force-all, not apt), and it comes back to 
php lack of thread safety. Blowfish encryptation doesn't function without 
full php and libapache2-mod-php5, and if I leave those in place and go back 
to mpm-worker (faster, less overhead for my server usage) I seem to be in 
trouble with env vars (setlocale.php). Not sure if I can run FastCGI and 
remove mod-php? I've read that this would restore thread safety by taking 
php outside Apache (2.2.22 on U 12.04 LTS)

By the way, is there a "quick" way of swapping between worker and prefork 
without re-compiling? That would make my testing a whole lot easier.

Thanks a million - Paul

>On Fri, 2013-03-29 at 19:30 -0400, Stormy wrote:
>>At 07:11 PM 3/28/2013 -0400, Eric Covener wrote:
>> >mod_authnz_ldap requires HTTP Basic Authentication, which doesn't have
>> >any provision to encrypt the password separately from the rest of the
>> >connection.
>> >
>> >mod_authnz_ldap doesn't work with Digest authentication -- I don't think
>> >it can.
>>(Slight tangent to this thread) does anyone know of an equivalent to
>>php-crypt-blowfish that works with Apache2 compiled as worker? it seems to
>>want to:
>>The following packages will be REMOVED:
>>    apache2-mpm-worker
>>The following NEW packages will be installed:
>>    apache2-mpm-prefork libapache2-mod-php5 php-crypt-blowfish php5
>>I'm not stuck on php and might prefer Perl or PEAR, whatever.
>>Thanks - Paul
>>To unsubscribe, e-mail: 
>>For additional commands, e-mail: 

View raw message