[MP2]lookup_uri and HTTPS

------=_Part_2052_23165.1214930054114
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hello all,

I am writing an handler generating sub-requests by using the lookup_uri and
run (Apache2::SubRequest) methods.
My question is : is it technically possible to generate HTTPS sub-request (I
observed that sub-requests were using HTTP) using the mod_perl API ?
If yes, which API do I have to use (I can not find any examples, or I tried
the APR::URI class but unsuccessfully) ?
If not, which solution is possible (using LWP ?)

Thanks

------=_Part_2052_23165.1214930054114
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hello all,

I am writing an handler generating sub-requests by using the lookup_uri and run (Apache2::SubRequest) methods.
My question is : is it technically possible to generate HTTPS sub-request (I observed that sub-requests were using HTTP) using the mod_perl API  ?

If yes, which API do I have to use (I can not find any examples, or I tried the APR::URI class but unsuccessfully) ?
If not, which solution is possible (using LWP ?)

Thanks


------=_Part_2052_23165.1214930054114--

Re: [MP2]lookup_uri and HTTPS

titetluc titetluc wrote:
> My question is : is it technically possible to generate HTTPS sub-request (I
> observed that sub-requests were using HTTP) using the mod_perl API ?

Forgive my impertinence, but on the face of it, that question does not
seem to make a lot of sense.
HTTP or HTTPS are protocols that carry requests and responses over "the
outside world" (e.g. the Internet or Intranet). A sub-request is
something that happens totally inside of Apache, so it does not really
have (nor need) a protocol. You just ask Apache to return the result of
getting "/location/object", without ever leaving the context of Apache
itself.

Now, a REDIRECT going back to the browser is another story, but above
you mention sub-requests, don't you ?

André

Re: [MP2]lookup_uri and HTTPS

On Tue 01 Jul 2008, titetluc titetluc wrote:
> I am writing an handler generating sub-requests by using the lookup_uri a=
nd
> run (Apache2::SubRequest) methods.
> My question is : is it technically possible to generate HTTPS sub-request
> (I observed that sub-requests were using HTTP)

No, none of the protocols is used to make subreqs. HTTP/HTTPS are network=20
protocols. With subreqs there is no network. A subreq is like a recursive=20
call of the same request answering machine. Hence, HTTPS? is irrelevant.=20
Normally the document accessed via a subreq has to be accessible locally.

> using the mod_perl API =A0? If=20
> yes, which API do I have to use (I can not find any examples, or I tried
> the APR::URI class but unsuccessfully) ?
> If not, which solution is possible (using LWP ?)

But it can be any kind of document apache can serve. So it can be a regular=
=20
file, something dynamically created (CGI/PHP/modperl etc) or even a documen=
t=20
for which the current server acts as proxy.

So in your case I see 2 options:

1) implement the included document via a CGI/modperl handler using LWP or=20
similar

2) use mod_proxy as reverse proxy

In both cases it's not possible to proxy an established SSL identity (clien=
t=20
certificate) to the backend server due to the nature of SSL. Nor can your=20
client verify the identity of the backend.

If possible I'd go for the mod_proxy version. 1) it doesn't load perl routi=
nes=20
in memory. 2) it passes the data an almost as fast as possible whereas=20
homegrown LWP solutions tend to buffer the whole document before sending an=
y=20
output.

But mod_proxy has also drawbacks. It is very difficult to make a POST reque=
st=20
to the backend this way and feed it some data. I once had a similar problem=
=20
when I wanted to include a proxied document and pass on the POST input of t=
he=20
original request to the backend. In the end I did it in Perl.

Torsten

=2D-
Need professional mod_perl support?
Just hire me: torsten.foertsch@gmx.net

Re: [MP2]lookup_uri and HTTPS

------=_Part_11799_27734319.1215190028349
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Andr=E9, Torsten

Thank you for your answer (sorry for the delay)

No, Andre, your are not impertinent. I thought I had a problem related to
the request scheme, but in fact, my httpd configuration was wrong !!!

2008/7/1 Torsten Foertsch :

> On Tue 01 Jul 2008, titetluc titetluc wrote:
> > I am writing an handler generating sub-requests by using the lookup_uri
> and
> > run (Apache2::SubRequest) methods.
> > My question is : is it technically possible to generate HTTPS sub-reque=
st
> > (I observed that sub-requests were using HTTP)
>
> No, none of the protocols is used to make subreqs. HTTP/HTTPS are network
> protocols. With subreqs there is no network. A subreq is like a recursive
> call of the same request answering machine. Hence, HTTPS? is irrelevant.
> Normally the document accessed via a subreq has to be accessible locally.
>
> > using the mod_perl API ? If
> > yes, which API do I have to use (I can not find any examples, or I trie=
d
> > the APR::URI class but unsuccessfully) ?
> > If not, which solution is possible (using LWP ?)
>
> But it can be any kind of document apache can serve. So it can be a regul=
ar
> file, something dynamically created (CGI/PHP/modperl etc) or even a
> document
> for which the current server acts as proxy.
>
> So in your case I see 2 options:
>
> 1) implement the included document via a CGI/modperl handler using LWP or
> similar
>
> 2) use mod_proxy as reverse proxy
>
> In both cases it's not possible to proxy an established SSL identity
> (client
> certificate) to the backend server due to the nature of SSL. Nor can your
> client verify the identity of the backend.
>
> If possible I'd go for the mod_proxy version. 1) it doesn't load perl
> routines
> in memory. 2) it passes the data an almost as fast as possible whereas
> homegrown LWP solutions tend to buffer the whole document before sending
> any
> output.
>
> But mod_proxy has also drawbacks. It is very difficult to make a POST
> request
> to the backend this way and feed it some data. I once had a similar probl=
em
> when I wanted to include a proxied document and pass on the POST input of
> the
> original request to the backend. In the end I did it in Perl.
>
> Torsten
>
> --
> Need professional mod_perl support?
> Just hire me: torsten.foertsch@gmx.net
>

------=_Part_11799_27734319.1215190028349
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Andr=E9, Torsten

Thank you for your answer (sorry for the delay)
=

No, Andre, your are not impertinent. I thought I had a problem related =
to the request scheme, but in fact, my httpd configuration was wrong !!! >