From modperl-return-64918-archive-asf-public=cust-asf.ponee.io@perl.apache.org Thu Dec 6 16:25:39 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 4E79D180674 for ; Thu, 6 Dec 2018 16:25:38 +0100 (CET) Received: (qmail 87509 invoked by uid 500); 6 Dec 2018 15:25:36 -0000 Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list modperl@perl.apache.org Received: (qmail 87492 invoked by uid 99); 6 Dec 2018 15:25:36 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 06 Dec 2018 15:25:36 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id D1785180CB0 for ; Thu, 6 Dec 2018 15:25:35 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.66 X-Spam-Level: ** X-Spam-Status: No, score=2.66 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2, KAM_COUK=0.85, KAM_NUMSUBJECT=0.5, RCVD_IN_DNSWL_LOW=-0.7, T_SPF_PERMERROR=0.01] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=pobox.com header.b=HaUqpXMs; dkim=neutral reason="invalid (public key: not available)" header.d=article7.co.uk header.b=Br1epXO9 Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id IEWtkeENq7Ii for ; Thu, 6 Dec 2018 15:25:32 +0000 (UTC) Received: from pb-smtp20.pobox.com (pb-smtp20.pobox.com [173.228.157.52]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id CCCF25F67B for ; Thu, 6 Dec 2018 15:25:31 +0000 (UTC) Received: from pb-smtp20.pobox.com (unknown [127.0.0.1]) by pb-smtp20.pobox.com (Postfix) with ESMTP id C56F9320C4 for ; Thu, 6 Dec 2018 10:25:24 -0500 (EST) (envelope-from andrew@article7.co.uk) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=from :content-type:mime-version:subject:message-id:date:references:to :in-reply-to; s=sasl; bh=5WgFVrLryspW/kF9dOJVIQpKHU4=; b=HaUqpXM sxn8dMQD6VfakpbZU3qkYToRVfDarYYDOqHp65hfwLC8L7RyyKCQEBEMh+T69g3P aprEzHnG/QiCftWqgBpYs1ehNpLxfmjtuI4CGmNM7HxI5g6tdULisEVIy93rmmjq 5PgqbzEHpRefTkJxCsbEPQovL5gRnikkdZ60= Received: from pb-smtp20.sea.icgroup.com (unknown [127.0.0.1]) by pb-smtp20.pobox.com (Postfix) with ESMTP id BE587320C3 for ; Thu, 6 Dec 2018 10:25:24 -0500 (EST) (envelope-from andrew@article7.co.uk) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=article7.co.uk; h=from:content-type:mime-version:subject:message-id:date:references:to:in-reply-to; s=mesmtp; bh=YOaKkBcu6bsxD6HVB9qPDO7yhShUKUGUKosU546quuM=; b=Br1epXO9svd7Gc/KVwSfNrYP5or2P3YFJw67CqMwWFYGTlr8SOj0DBejuL2bNcm894a77Pq9OlCx+WJY8xJmCPWBKhT1JqIUtgAF7BZ1bCqq/nvQQGkR2Qn0HtoybX7BomhCbeIIkbrjwDzLCpyYUQDVdbjXR/M3jRgW+DXgZ1Q= Received: from [10.0.1.41] (unknown [82.69.107.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pb-smtp20.pobox.com (Postfix) with ESMTPSA id 99605320B3 for ; Thu, 6 Dec 2018 10:25:20 -0500 (EST) (envelope-from andrew@article7.co.uk) From: Andrew Green Content-Type: multipart/alternative; boundary="Apple-Mail=_8BC3C3FD-0DD2-46C5-B600-AAAC4F1D221B" X-Mao-Original-Outgoing-Id: 565802717.618975-6bcef6e55f6cb9987a42301d72eb5020 Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Subject: Re: Upgrading a mod_perl application from Apache 2.2 to Apache 2.4 Message-Id: Date: Thu, 6 Dec 2018 15:25:18 +0000 References: <5C015DF5.8010208@ice-sa.com> To: modperl@perl.apache.org In-Reply-To: <5C015DF5.8010208@ice-sa.com> X-Mailer: Apple Mail (2.3445.9.1) X-Pobox-Relay-ID: 24B9260C-F96B-11E8-8A7F-F5C31241B9FE-02142243!pb-smtp20.pobox.com --Apple-Mail=_8BC3C3FD-0DD2-46C5-B600-AAAC4F1D221B Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi all, Huge thanks to everyone for your replies on this. I=E2=80=99ve now been = able to work through everything, and I thought I=E2=80=99d post a quick = update with some additional notes in case there=E2=80=99s anyone else in = the same boat searching the archives in the future! 1. I was able to use the following as a way of determining which version = of Apache is in use at runtime: my $server_version =3D Apache2::ServerUtil::get_server_banner(); my $is_old_apache =3D ($server_version =3D~ /Apache\/2\.2/) ? 1 : 0; 2. My app sets up authen and authz handlers dynamically, from a trans = handler. Andr=C3=A9 was right, this was by far the biggest pain point! My before code looked like this: $r->push_handlers(PerlMapToStorageHandler =3D> sub { $r->add_config(['Require valid-user']); $r->add_config(['AuthType cookie']); }); $r->set_handlers(PerlAuthenHandler =3D> [MyApp::Authen]); $r->set_handlers(PerlAuthzHandler =3D> [MyApp::Authz]); As far as I can tell, I have to pre-declare the new Authz provider in my = server config: PerlAddAuthzProvider myapp MyApp::Authz I didn=E2=80=99t find a way of doing that bit dynamically at runtime. But I can still conditionally trigger the provider for individual = requests from my trans handler, like this: $r->push_handlers(PerlMapToStorageHandler =3D> sub { $r->add_config(['Require myapp']); }); $r->set_handlers(PerlAuthenHandler =3D> [MyApp::Authen]); 3. Combining #1 and #2 meant I=E2=80=99m able to have the same trans = handler run under both Apache 2.2 and 2.4. I was also able to get my = authz handler to run under both by: a. Having the call to Apache2::Compat -compile happen in the server = startup.pl, and not in my module. b. Wrapping the return value like this: sub authz_granted { my $self =3D shift; # So this compiles under old Apache no strict 'subs'; if ($self->is_old_apache) { return Apache2::Const::OK; } else { return Apache2::Const::AUTHZ_GRANTED; } } Thanks again to you all for your help. Cheers, Andrew. --=20 Andrew Green Article Seven Limited http://www.article7.co.uk/ Article Seven Limited is a registered company in England and Wales. = Registered number: 5703656. Registered office: 10 Hamilton Road, Sidcup, = Kent, DA15 7HB. --Apple-Mail=_8BC3C3FD-0DD2-46C5-B600-AAAC4F1D221B Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8
Hi all,

Huge thanks to everyone for your replies on this. =  I=E2=80=99ve now been able to work through everything, and I = thought I=E2=80=99d post a quick update with some additional notes in = case there=E2=80=99s anyone else in the same boat searching the archives = in the future!


1. I was able to use the following as a way of = determining which version of Apache is in use at runtime:

my = $server_version =3D = Apache2::ServerUtil::get_server_banner();
my $is_old_apache =3D ($server_version =3D~ = /Apache\/2\.2/) ? 1 : 0;


2. My app sets up authen and authz handlers = dynamically, from a trans handler. Andr=C3=A9 was right, this was by far = the biggest pain point!

My before = code looked like this:

$r->push_handlers(PerlMapToStorageHandler = =3D> sub {
  =  $r->add_config(['Require valid-user']);
   $r->add_config(['AuthType = cookie']);
});

$r->set_handlers(PerlAuthenHandler =3D> = [MyApp::Authen]);
$r->set_handlers(PerlAuthzHandler =3D> = [MyApp::Authz]);

As far as I can tell, I have to pre-declare = the new Authz provider in my server config:

PerlAddAuthzProvider myapp MyApp::Authz

I didn=E2=80=99t find a way of doing that bit = dynamically at runtime.

But I can = still conditionally trigger the provider for individual requests from my = trans handler, like this:

$r->push_handlers(PerlMapToStorageHandler = =3D> sub {
  =  $r->add_config(['Require myapp']);
});

$r->set_handlers(PerlAuthenHandler =3D> = [MyApp::Authen]);


3. Combining #1 and #2 = meant I=E2=80=99m able to have the same trans handler run under both = Apache 2.2 and 2.4.  I was also able to get my authz handler to run = under both by:

a. Having the call to = Apache2::Compat -compile happen = in the server startup.pl, and not in my module.

b. Wrapping the return value like = this:

sub authz_granted {

   my $self =3D shift;

   # So this compiles under old = Apache
  =  no strict 'subs';

   if ($self->is_old_apache) = {
    =   return Apache2::Const::OK;
   } else = {
    =   return Apache2::Const::AUTHZ_GRANTED;
   }

}


Thanks again to you all = for your help.

Cheers,
Andrew.

-- 
Andrew = Green
Article Seven Limited
http://www.article7.co.uk/

Article Seven = Limited is a registered company in England and Wales.  Registered = number: 5703656. Registered office: 10 Hamilton Road, Sidcup, Kent, = DA15 7HB.




= --Apple-Mail=_8BC3C3FD-0DD2-46C5-B600-AAAC4F1D221B--