Hi, I've had tremendous trouble getting it to work on Apache. Did the rewrite rules. Did the rewritelog. Checked out the tips for beginners. All documents say you must go: http://localhost/cgi-bin/Zope.cgi/manage, but it doesn't work. Authentication fails. THEN just to be funny I tried http://localhost/Zope/manage and viola!!!!! Why is this not somewhere in a doc or is it so stupid that no one is willing to write it down? Thank you Alwyn
The behavior you describe is exactly what you are asking rewrite rules to do for you. If you want to access zope with this URL: http://localhost/cgi-bin/Zope.cgi/manage you'll need to set your Zope folder (containing Zope.cgi) as the cgi-bin folder for your server using script alias in your Apache httpd.conf file. Alternately you can change your rewrite rules to rewrite from something like this: /Zope^(.*) /websites/Zope-2.0.1/Zope.cgi$1 [e=HTTP_CGI_AUTHORIZATION: %1,E=ZOPE_RAW_URI:SCRIPT_URI,t=application/x-httpd-cgi,l] to: /cgi-bin/Zope.cgi^(.*) /websites/Zope-2.0.1/Zope.cgi$1 [e=HTTP_CGI_AUTHORIZATION: %1,E=ZOPE_RAW_URI:SCRIPT_URI,t=application/x-httpd-cgi,l] Josh At 4:19 PM +0000 9/30/99, Alwyn Schoeman wrote:
Hi,
I've had tremendous trouble getting it to work on Apache. Did the rewrite rules. Did the rewritelog. Checked out the tips for beginners. All documents say you must go: http://localhost/cgi-bin/Zope.cgi/manage, but it doesn't work. Authentication fails.
THEN just to be funny I tried http://localhost/Zope/manage and viola!!!!! Why is this not somewhere in a doc or is it so stupid that no one is willing to write it down?
Thank you Alwyn
# # # _____________________________________________ Joshua Brauer Box 915 http://www.brauer.org Fort Collins, CO 80522 Fax: (419) 793-4120 _____________________________________________ In flying I have learned that carelessness and overconfidence are usually far more dangerous than deliberately accepted risks. -- Wilbur Wright in a letter to his father, September 1900 _____________________________________________________
Alwyn Schoeman wrote:
Hi,
I've had tremendous trouble getting it to work on Apache. Did the rewrite rules. Did the rewritelog. Checked out the tips for beginners. All documents say you must go: http://localhost/cgi-bin/Zope.cgi/manage, but it doesn't work. Authentication fails.
THEN just to be funny I tried http://localhost/Zope/manage and viola!!!!! Why is this not somewhere in a doc or is it so stupid that no one is willing to write it down?
I suppose this hasn't been written down clearly as I've seen two people previously who had the same misconception. What are the reasons for the rewrite_rule? * making a nicer URL; /Zope or whatever instead of /cgi-bin/Zope.cgi * passing authentication information to Zope.cgi The second reason is the essential one! Apache apparently does not pass on authentication information to any cgi script. Zope needs this authentication information to work. So we fool apache with a rewrite_rule, which, when activated, passes the authentication information on to Zope.cgi using an environment variable (the e= thing in the rewrite rule). So, if you call Zope.cgi so that the rewrite_rule is activated, the authentication info is passed, and Zope works. The rewrite_rule is only activated if you actually trigger it with the /Zope/ thing, which is what after all it wants to rewrite. It does not get triggered if you go to the cgi directly. Someone ought to write this down somewhere very clearly in the install documents. It *is* in the docs because this is how I know myself, but apparently not too clearly. Regards, Martijn
besides using rewrite rules there is another method mentioned in docs/WEBSERVER.TXT -- compiling apache with -DSECURITY_HOLE_PASS_AUTHORIZATION apache apparently will then pass authorization info to cgi's on my developing machine i needed to do this because i had some rewrite rules/script aliases somehow conflicting with each other does anybody know of the security implications of this? thx, peter. On Thu, 30 Sep 1999, Martijn Faassen wrote: :Alwyn Schoeman wrote: :> :> Hi, :> :> I've had tremendous trouble getting it to work on Apache. Did the :> rewrite rules. Did the rewritelog. Checked out the tips for beginners. :> All documents say you must go: http://localhost/cgi-bin/Zope.cgi/manage, :> but it doesn't work. Authentication fails. :> :> THEN just to be funny I tried http://localhost/Zope/manage and :> viola!!!!! Why is this not somewhere in a doc or is it so stupid that :> no one is willing to write it down? : :I suppose this hasn't been written down clearly as I've seen two people :previously who had the same misconception. : :What are the reasons for the rewrite_rule? : :* making a nicer URL; /Zope or whatever instead of /cgi-bin/Zope.cgi : :* passing authentication information to Zope.cgi : :The second reason is the essential one! Apache apparently does not pass :on authentication information to any cgi script. Zope needs this :authentication information to work. So we fool apache with a :rewrite_rule, which, when activated, passes the authentication :information on to Zope.cgi using an environment variable (the e= thing :in the rewrite rule). So, if you call Zope.cgi so that the rewrite_rule :is activated, the authentication info is passed, and Zope works. The :rewrite_rule is only activated if you actually trigger it with the :/Zope/ thing, which is what after all it wants to rewrite. It does not :get triggered if you go to the cgi directly. : :Someone ought to write this down somewhere very clearly in the install :documents. It *is* in the docs because this is how I know myself, but :apparently not too clearly. : :Regards, : :Martijn : :_______________________________________________ :Zope maillist - Zope@zope.org :http://www.zope.org/mailman/listinfo/zope : :(Related lists - please, no cross posts or HTML encoding! : :To receive general Zope announcements, see: :http://www.zope.org/mailman/listinfo/zope-announce : :For developer-specific issues, zope-dev@zope.org - :http://www.zope.org/mailman/listinfo/zope-dev ) : -- _________________________________________________ peter sabaini, mailto: sabaini@niil.at -------------------------------------------------
participants (4)
-
Alwyn Schoeman -
Joshua Brauer -
Martijn Faassen -
Peter Sabaini