[KLUG Members] Authentication in Apache 2.0 (Joys of Upgrading)
Adam Williams
members@kalamazoolinux.org
Mon, 30 Dec 2002 12:40:06 -0500 (EST)
>I am pleased to say that I have resolved all the problems with
>the numerous web sites being moved to a new web server, running
>Apache 2.
>Everything except authentication, that is.
>I had taken virtual host definitions from a working 1.3.x server,
>changed some paths, and used that as the basis for the 2.0
>virtual host section.
>Eventually, once I'd corrected some errors, all the web sites were
>working...except, it finally occurred to me, for the web sites that
>had authentication set up (no .htaccess files for me, I prefer set-
>ting all this in the virtual host definitions). I commented out the
I was using Apache 2.x with htaccess files and it work. However, the
loading of the authentication modules did initially fail; evidenced by
so-and-so has seg faulted messages in /var/log/httpd/error.log. While
apache seemed to work fine. That may or may not have to do with the
particular apache module I was using for authenticaion (mod_auth_ldap),
recompiling fixed it (odd?).
But due to various problems (unable to compile PHP) I've abanonded and
gone back to apache 1.3.27
>There are advisories against using Apache 2 and PHP on a "production"
>server; this server will not be considered production until those is-
>sues are resolved (the latest PHP release does NOT seem to resolve
>these issues, or even address them). It is useful to configure and test
>this migration NOW, rather than wait until all of these issues have
>been resolved, at which time the server can be upgraded, tested, and
>put into production.
We've tested and been beaten senseless. Actually we never really tested
since compiling PHP against Apache 2.x requires magic beyond our
abilities.
>Do others have the same experience? Is there some terrible flaw in
>authentication, or something really radically new? Why is this
>aspect of migration (after checking file permissions, ownerships,
>paths, etc.) proving to be so difficult? I would think that as this
>is a fairly direct port from a working 1.3.x server, the problems
>would be fairly easily resolved, especially as there are no notes
>that related to this in moving from 1.3.x to 2.0.x....
Yes, the documentation on moving from 1.3.x to 2.0.x is scant to say the
least.