Loading ...
Sorry, an error occurred while loading the content.

Re: self_url MP2 w/o CGI

Expand Messages
  • Stas Bekman
    [please keep the thread on the list!] ... in mp2 you need to load modules that contain the methods that you want to use: % lookup construct_url To use method
    Message 1 of 22 , Sep 2, 2003
    • 0 Attachment
      [please keep the thread on the list!]

      Tofu Optimist wrote:
      > :(
      >
      > [Tue Sep 02 15:22:53 2003] [error] [client
      > 192.168.1.2] Can't locate object method
      > "construct_url" via package "Apache::RequestRec" at
      > /home/xxxxxxxx/mod-perl/Redirect.pm line 59.
      >
      > Do I need to load it or something?

      in mp2 you need to load modules that contain the methods that you want to use:

      % lookup construct_url
      To use method 'construct_url' add:
      use Apache::URI ();

      See:
      http://perl.apache.org/docs/2.0/user/porting/porting.html#Porting_a_Perl_Module_to_Run_under_mod_perl_2_0


      >>You just call $r->construct_url. In your example
      >>that would be:
      >>
      >> $r->headers_out->set(Location =>
      >>$r->construct_url . "&r2=1");
      >>
      >>
      >
      > __________________________________________________________________
      >
      >>Stas Bekman JAm_pH ------> Just Another
      >>mod_perl Hacker
      >>http://stason.org/ mod_perl Guide --->
      >>http://perl.apache.org
      >>mailto:stas@... http://use.perl.org
      >>http://apacheweek.com
      >>http://modperlbook.org http://apache.org
      >>http://ticketmaster.com
      >>
      >>
      >>
      >>--
      >>Reporting bugs: http://perl.apache.org/bugs/
      >>Mail list info:
      >>http://perl.apache.org/maillist/modperl.html
      >>
      >
      >
      >
      > __________________________________
      > Do you Yahoo!?
      > Yahoo! SiteBuilder - Free, easy-to-use web site design software
      > http://sitebuilder.yahoo.com


      --


      __________________________________________________________________
      Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
      http://stason.org/ mod_perl Guide ---> http://perl.apache.org
      mailto:stas@... http://use.perl.org http://apacheweek.com
      http://modperlbook.org http://apache.org http://ticketmaster.com



      --
      Reporting bugs: http://perl.apache.org/bugs/
      Mail list info: http://perl.apache.org/maillist/modperl.html
    • Roger Davenport
      Apologies.. yes, this was meant for the list!! Roger
      Message 2 of 22 , Sep 2, 2003
      • 0 Attachment
        Apologies..  yes, this was meant for the list!!

        Roger

        On Tue, 2003-09-02 at 14:29, Perrin Harkins wrote:
        Did you mean to send this to the list?  It only went to me.
        
        On Tue, 2003-09-02 at 15:23, Roger Davenport wrote:
        > The session ID only lasts a certain time.. anywhere from a couple of
        > minutes to a couple of days (varies widely).  SSLv2 is 16 bytes, and
        > SSLv3/TLS is anywhere from 1 to 32 bytes.  The session ID is
        > essentially a value which saves the client and server from having to
        > handshake every time.  But if you get a matching value, chances are
        > that you have the same machine if it's within a reasonable amount of
        > time.
        > 
        > Roger
        > 
        > On Tue, 2003-09-02 at 13:40, Perrin Harkins wrote: 
        > > On Tue, 2003-09-02 at 14:23, kfr wrote:
        > > > Yes, sorry.  I have a site that allows my customers to become members via
        > > > monthly credit card subscription.  The problem is we've been getting
        > > > fraudulent credit card transactions and need some mechanism to detect a user
        > > > who is a repeat offender so I can detect them trying to submit yet another
        > > > bogus CC for access.
        > > 
        > > Okay, that makes sense.  Unfortunatey, there's no foolproof way that I'm
        > > aware of.  To begin with, you can try using a cookie.  This will stop
        > > anyone who is not very technical.  Beyond that, I have heard that
        > > there's some kind of unique identifier in SSL that you may be able to
        > > use.  I know this because the f5 big/ip load balancers used it.  Check
        > > into that.
        > > 
        > > - Perrin
      • kfr
        Anyone know how to capture the UUID from a request? I ve been looking all over the place and cant seem to find any reference to it anywhere ... K ... From:
        Message 3 of 22 , Sep 3, 2003
        • 0 Attachment
          Anyone know how to capture the UUID from a request? I've been looking all over the place and cant seem to find any reference to it anywhere ...

          K





          -----Original Message-----
          From: Roger Davenport [mailto:rdavenport@...]
          Sent: Tuesday, September 02, 2003 12:55 PM
          To: Perrin Harkins
          Cc: modperl@...
          Subject: RE: collecting unique client (computer) specific info?


          Apologies.. yes, this was meant for the list!!

          Roger

          On Tue, 2003-09-02 at 14:29, Perrin Harkins wrote:
          Did you mean to send this to the list? It only went to me.

          On Tue, 2003-09-02 at 15:23, Roger Davenport wrote:
          > The session ID only lasts a certain time.. anywhere from a couple of
          > minutes to a couple of days (varies widely). SSLv2 is 16 bytes, and
          > SSLv3/TLS is anywhere from 1 to 32 bytes. The session ID is
          > essentially a value which saves the client and server from having to
          > handshake every time. But if you get a matching value, chances are
          > that you have the same machine if it's within a reasonable amount of
          > time.
          >
          > Roger
          >
          > On Tue, 2003-09-02 at 13:40, Perrin Harkins wrote:
          > > On Tue, 2003-09-02 at 14:23, kfr wrote:
          > > > Yes, sorry. I have a site that allows my customers to become members via
          > > > monthly credit card subscription. The problem is we've been getting
          > > > fraudulent credit card transactions and need some mechanism to detect a user
          > > > who is a repeat offender so I can detect them trying to submit yet another
          > > > bogus CC for access.
          > >
          > > Okay, that makes sense. Unfortunatey, there's no foolproof way that I'm
          > > aware of. To begin with, you can try using a cookie. This will stop
          > > anyone who is not very technical. Beyond that, I have heard that
          > > there's some kind of unique identifier in SSL that you may be able to
          > > use. I know this because the f5 big/ip load balancers used it. Check
          > > into that.
          > >
          > > - Perrin



          --
          Reporting bugs: http://perl.apache.org/bugs/
          Mail list info: http://perl.apache.org/maillist/modperl.html
        • Perrin Harkins
          ... According to the mod_ssl manual, it is stored in an environment variable called SSL_SESSION_ID. - Perrin -- Reporting bugs: http://perl.apache.org/bugs/
          Message 4 of 22 , Sep 3, 2003
          • 0 Attachment
            On Wed, 2003-09-03 at 12:22, kfr wrote:
            > Anyone know how to capture the UUID from a request?

            According to the mod_ssl manual, it is stored in an environment variable
            called SSL_SESSION_ID.

            - Perrin



            --
            Reporting bugs: http://perl.apache.org/bugs/
            Mail list info: http://perl.apache.org/maillist/modperl.html
          • Ged Haywood
            Hi there, ... What makes you think there ll be one in there? ... Try Google? 73, Ged. -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info:
            Message 5 of 22 , Sep 3, 2003
            • 0 Attachment
              Hi there,

              On Wed, 3 Sep 2003, kfr wrote:

              > Anyone know how to capture the UUID from a request?

              What makes you think there'll be one in there?

              > I've been looking all over the place and cant seem to find any
              > reference to it anywhere ...

              Try Google?

              73,
              Ged.



              --
              Reporting bugs: http://perl.apache.org/bugs/
              Mail list info: http://perl.apache.org/maillist/modperl.html
            • Stas Bekman
              ... You mean, you want to generate one? in mod_perl2/apr it d be: use APR::UUID: my $uuid = APR::UUID- new- format; or from the command line (assuming that you
              Message 6 of 22 , Sep 3, 2003
              • 0 Attachment
                kfr wrote:
                > Anyone know how to capture the UUID from a request? I've been looking all
                > over the place and cant seem to find any reference to it anywhere ...

                You mean, you want to generate one? in mod_perl2/apr it'd be:

                use APR::UUID:
                my $uuid = APR::UUID->new->format;

                or from the command line (assuming that you are using the latest cvs):

                perl -MApache2 -MAPR -MAPR::UUID -le 'print APR::UUID->new->format'

                __________________________________________________________________
                Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
                http://stason.org/ mod_perl Guide ---> http://perl.apache.org
                mailto:stas@... http://use.perl.org http://apacheweek.com
                http://modperlbook.org http://apache.org http://ticketmaster.com



                --
                Reporting bugs: http://perl.apache.org/bugs/
                Mail list info: http://perl.apache.org/maillist/modperl.html
              • John Saylor
                hi ... is there an equivalent in mod_perl1? -- js -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
                Message 7 of 22 , Sep 3, 2003
                • 0 Attachment
                  hi

                  ( 03.09.03 10:42 -0700 ) Stas Bekman:
                  > You mean, you want to generate one? in mod_perl2/apr it'd be:

                  is there an equivalent in mod_perl1?

                  --
                  \js



                  --
                  Reporting bugs: http://perl.apache.org/bugs/
                  Mail list info: http://perl.apache.org/maillist/modperl.html
                • Perrin Harkins
                  ... Use Data::UUID from CPAN or mod_unique_id. Note that this (and the mod_perl 2 approach Stas posted) has nothing to do with identifying the actual client,
                  Message 8 of 22 , Sep 3, 2003
                  • 0 Attachment
                    On Wed, 2003-09-03 at 15:03, John Saylor wrote:
                    > is there an equivalent in mod_perl1?

                    Use Data::UUID from CPAN or mod_unique_id. Note that this (and the
                    mod_perl 2 approach Stas posted) has nothing to do with identifying the
                    actual client, which is what the original question on this thread was
                    about.

                    - Perrin


                    --
                    Reporting bugs: http://perl.apache.org/bugs/
                    Mail list info: http://perl.apache.org/maillist/modperl.html
                  • Stas Bekman
                    ... I m sure there are a few modules on CPAN that you can use. Again I m talking about generating UUD, not extracting the SSL one. Perrin has replied that you
                    Message 9 of 22 , Sep 3, 2003
                    • 0 Attachment
                      John Saylor wrote:
                      > hi
                      >
                      > ( 03.09.03 10:42 -0700 ) Stas Bekman:
                      >
                      >>You mean, you want to generate one? in mod_perl2/apr it'd be:
                      >
                      >
                      > is there an equivalent in mod_perl1?

                      I'm sure there are a few modules on CPAN that you can use. Again I'm talking
                      about generating UUD, not extracting the SSL one. Perrin has replied that you
                      need $ENV{SSL_SESSION_ID} for the SSL one.




                      __________________________________________________________________
                      Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
                      http://stason.org/ mod_perl Guide ---> http://perl.apache.org
                      mailto:stas@... http://use.perl.org http://apacheweek.com
                      http://modperlbook.org http://apache.org http://ticketmaster.com



                      --
                      Reporting bugs: http://perl.apache.org/bugs/
                      Mail list info: http://perl.apache.org/maillist/modperl.html
                    • kfr
                      I m able to see it now ... had to re-compile my server with mod_ssl (not apache-ssl) and I can see the SSL_SESSION_ID. So I take it there s no way to decrypt
                      Message 10 of 22 , Sep 3, 2003
                      • 0 Attachment
                        I'm able to see it now ... had to re-compile my server with mod_ssl (not
                        apache-ssl) and I can see the SSL_SESSION_ID. So I take it there's no way
                        to decrypt that and grab anything useful out of it other than it's one time
                        uniqueness? The doc's state its a combo of a few different parameters
                        (timestamp, hardware address, etc), which the hardware address is really
                        what I'm after.

                        K



                        >-----Original Message-----
                        >From: Perrin Harkins [mailto:perrin@...]
                        >Sent: Wednesday, September 03, 2003 12:28 PM
                        >To: John Saylor
                        >Cc: modperl@...
                        >Subject: Re: collecting unique client (computer) specific info?
                        >
                        >
                        >On Wed, 2003-09-03 at 15:03, John Saylor wrote:
                        >> is there an equivalent in mod_perl1?
                        >
                        >Use Data::UUID from CPAN or mod_unique_id. Note that this (and the
                        >mod_perl 2 approach Stas posted) has nothing to do with identifying the
                        >actual client, which is what the original question on this thread was
                        >about.
                        >
                        >- Perrin
                        >
                        >
                        >--
                        >Reporting bugs: http://perl.apache.org/bugs/
                        >Mail list info: http://perl.apache.org/maillist/modperl.html
                        >
                        >



                        --
                        Reporting bugs: http://perl.apache.org/bugs/
                        Mail list info: http://perl.apache.org/maillist/modperl.html
                      • Ged Haywood
                        Hi there, ... What hardware? 73, Ged. -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
                        Message 11 of 22 , Sep 3, 2003
                        • 0 Attachment
                          Hi there,

                          On Wed, 3 Sep 2003, kfr wrote:

                          > had to re-compile my server with mod_ssl

                          :)

                          > the hardware address is really what I'm after.

                          What hardware?

                          73,
                          Ged.



                          --
                          Reporting bugs: http://perl.apache.org/bugs/
                          Mail list info: http://perl.apache.org/maillist/modperl.html
                        Your message has been successfully submitted and would be delivered to recipients shortly.