asg07.htm

apache技术手册

<H5 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Cookie_EncryptedCookies</B></FONT></CENTER></H5>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Syntax:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Cookie_EncryptedCookies [on]|[off]

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Default:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Cookie_EncryptedCookies on</FONT>

</TABLE><P>This directive specifies if the cookie value is encrypted using crypt&#151;the program used by UNIX to encrypt passwords.

<BR>

<BR>

<A NAME="E68E53"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>mod_userpath</B></FONT></CENTER></H3>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Source:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

mod_userpath.c

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Author:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Simon Wilkinson

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Type:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Resource location/Uniform Resource Identifier (URI) rewriting

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Home:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<A HREF="javascript:if(confirm('http://www.tardis.ed.ac.uk/~sxw/apache/mod_userpath.c  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://www.tardis.ed.ac.uk/~sxw/apache/mod_userpath.c'" tppabs="http://www.tardis.ed.ac.uk/~sxw/apache/mod_userpath.c"> http://www.tardis.ed.ac.uk/~sxw/apache/mod_userpath.c</A></FONT>

</TABLE><P>This module is a replacement for the mod_userdir module distributed with versions of Apache earlier than 1.1. The version of mod_userdir distributed with Apache 1.1.1 provides this functionality and more.

<BR>

<P>mod_userpath rewrites the URI of requests following the pattern:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">http://machine/~username</FONT></PRE>

<P>This module allows you to specify a directory where the server will look for a user's home page. This module has the added benefit of allowing you to create home page directories that don't necessarily match your internal usernames. Because this mechanism doesn't rely on user accounts, it allows you to provide home pages on machines that don't contain any user information.

<BR>

<P>If you incorporate this module into Apache, you should remove mod_userdir because both of these modules will attempt to rewrite the URI, and which one will win is anyone's guess.

<BR>

<BR>

<A NAME="E69E68"></A>

<H4 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Directive</B></FONT></CENTER></H4>

<BR>

<P>mod_userpath adds one directive:

<BR>

<UL>

<LI>UserPath

<BR>

<BR>

</UL>

<BR>

<A NAME="E70E28"></A>

<H5 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>UserPath</B></FONT></CENTER></H5>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Syntax:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

UserPath <I>pathToUserPages</I>

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Default:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

UserPath /usr/local/etc/httpd/htdocs/</FONT>

</TABLE><P>Requests ending in a username will have UserPath prepended before they are processed by the server. For example:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">http://machine/~username</FONT></PRE>

<P>will be translated into

<BR>

<BR>

<PRE>

<FONT COLOR="#000080">http://machine/usr/local/etc/httpd/htdocs/~username</FONT></PRE>

<BR>

<A NAME="E68E54"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>mod_cgi_sugid</B></FONT></CENTER></H3>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Source:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

mod_cgi_sugid.c

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Author:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Philippe Vanhaesendonck

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Type:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

CGI UID/GID execution options

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Home:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<A HREF="javascript:if(confirm('http://linux3.cc.kuleuven.ac.be/~seklos/mod_cgi_sugid.c  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://linux3.cc.kuleuven.ac.be/~seklos/mod_cgi_sugid.c'" tppabs="http://linux3.cc.kuleuven.ac.be/~seklos/mod_cgi_sugid.c"> http://linux3.cc.kuleuven.ac.be/~seklos/mod_cgi_sugid.c</A></FONT>

</TABLE><P>This module is a replacement for the standard Apache CGI module, mod_cgi. It provides the capability to run CGI under the User ID (UID) and Group ID (GID) of a different user. UID and GID can be specified inside the &lt;Limit&gt; sections. &lt;Limit&gt; sections are specified under &lt;Location&gt; or &lt;Directory&gt; sections in the global access configuration file. By default, this module does not allow the use of its directives from within per-directory access control files (.htaccess). Also, if the module fails to change the UID/GID of a CGI, the script is aborted. As you should expect, this module won't run CGI with a root UID.

<BR>

<BR>

<A NAME="E69E69"></A>

<H4 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Directives</B></FONT></CENTER></H4>

<BR>

<P>mod_cgi_sugid adds two directives:

<BR>

<UL>

<LI>UserId

<BR>

<BR>

<LI>GroupId

<BR>

<BR>

</UL>

<BR>

<A NAME="E70E29"></A>

<H5 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>UserID</B></FONT></CENTER></H5>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Syntax:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

UserID [<I>user</I>]</FONT>

</TABLE><P>The UserID directive sets the UID used to run a CGI. This directive rejects requests to run a CGI with the root UID.

<BR>

<BR>

<A NAME="E70E30"></A>

<H5 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>GroupID</B></FONT></CENTER></H5>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Syntax:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

GroupID [<I>group</I>]</FONT>

</TABLE><P>The GroupID directive sets the GID used to run a CGI.

<BR>

<BR>

<A NAME="E68E55"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>mod_auth_sys</B></FONT></CENTER></H3>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Source:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

mod_auth_sys.c

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Author:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Franz Vinzenz

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Type:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Authentication</FONT>

</TABLE><P>mod_auth_sys allows you to authenticate a user using the UNIX calls getpwnam_r and getgrnam_r to retrieve password and group information for that user. This allows you to use your existing UNIX authentication scheme, such as /etc/passwd files, Network Information Service (NIS), NIS++, and so on. This module does not provide any directives.

<BR>

<P>To call the module, just put an entry like the following in your global access configuration file or in a per-directory access file (omit the &lt;Directory&gt; section on per-directory access files):

<BR>

<PRE>

<FONT COLOR="#000080">&lt;Directory <I>somedir</I>&gt;

AuthType Basic

&lt;Limit GET POST&gt;

 require valid-user

&lt;/Limit&gt;

&lt;/Directory&gt;</FONT></PRE>

<P>The only concern with this module is the transmission of login and password information across the Internet because basic authentication does not encrypt the login transaction in any way. If anyone obtained this information in route, he would have full access to that user's account.

<BR>

<BR>

<A NAME="E68E56"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>mod_perl</B><B> and </B><B>mod_perl_fast</B></FONT></CENTER></H3>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Authors:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Doug MacEachern

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Type:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Embedded interpreter

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Home:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<A HREF="javascript:if(confirm('http://www.osf.org/~dougm/apache  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://www.osf.org/~dougm/apache'" tppabs="http://www.osf.org/~dougm/apache"> http://www.osf.org/~dougm/apache</A></FONT>

</TABLE><P>mod_perl and mod_perl_fast provide an alternative method for executing Perl programs. mod_perl and mod_perl fast are not CGI, so the way you program them is a little different.

<BR>

<P>At the time of this writing, programs that you write to take advantage of these modules don't run from the command line without the aid of the CGI::Switch Perl module. CGI::Switch is available from your nearest CPAN archive at modules/by-module/Apache/CGI-XA-0_22305-alpha_tar.gz.

<BR>

<P>These modules embed a Perl interpreter in the Web server. Because the Perl interpreter is embedded, the server can run Perl scripts by itself, and your Perl programs will run much faster. The embedded interpreter eliminates much of the expense associated with running CGI on your Web server. Also, scripts that run under these modules have full access to the Application Programming Interface (API) of the server, giving you the option of writing modules using Perl.

<BR>

<P>These modules differ in the way they function. mod_perl allocates and constructs a Perl interpreter for each request. This interpreter parses and executes the script. On completion, the Perl interpreter is destroyed, freeing the resources that it consumed.

<BR>

<P>mod_perl_fast allocates and constructs one Perl interpreter when the server starts. It also loads and parses a Perl script that is persistent.

<BR>

<BR>

<A NAME="E68E57"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>mod_auth_external</B></FONT></CENTER></H3>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Source:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

mod_auth_external.c

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Author:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Nathan Neulinger

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Type:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Authentication

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Home:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<A HREF="javascript:if(confirm('http://www.umr.edu/~nneul/  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://www.umr.edu/~nneul/'" tppabs="http://www.umr.edu/~nneul/"> http://www.umr.edu/~nneul/</A></FONT>

</TABLE><P>mod_auth_external allows you to specify an external program that will handle user and group authentication. The specified program will receive authentication information the visitor entered in the authentication panel via the USER and PASS environment variables. In addition, when doing group authentication, the group name is passed in the environment variable GROUP. The external authentication program is expected to return 0 to indicate successful authentication, or a nonzero result as an indication of a failed authentication session or an error in the authentication program.

<BR>