From: Daniel Gruno Date: Thu, 26 Apr 2012 19:14:27 +0000 (+0000) Subject: Syntax updates for mod_l*.xml X-Git-Tag: 2.5.0-alpha~6998 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5e39d4b16a097ae7b570b28dec9f3de754dc2977;p=thirdparty%2Fapache%2Fhttpd.git Syntax updates for mod_l*.xml git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1331035 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_ldap.xml b/docs/manual/mod/mod_ldap.xml index db8c3692fe0..d2cfa54081f 100644 --- a/docs/manual/mod/mod_ldap.xml +++ b/docs/manual/mod/mod_ldap.xml @@ -60,34 +60,32 @@ by other LDAP modules mod_ldap to increase the performance of HTTP Basic authentication provided by mod_authnz_ldap.

- - # Enable the LDAP connection pool and shared
- # memory cache. Enable the LDAP cache status
- # handler. Requires that mod_ldap and mod_authnz_ldap
- # be loaded. Change the "yourdomain.example.com" to
- # match your domain.
-
- LDAPSharedCacheSize 500000
- LDAPCacheEntries 1024
- LDAPCacheTTL 600
- LDAPOpCacheEntries 1024
- LDAPOpCacheTTL 600
-
- <Location /ldap-status>
- - SetHandler ldap-status
- - Require host yourdomain.example.com
- - Satisfy any
- AuthType Basic
- AuthName "LDAP Protected"
- AuthBasicProvider ldap
- AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one
- Require valid-user
- - </Location> - + +# Enable the LDAP connection pool and shared +# memory cache. Enable the LDAP cache status +# handler. Requires that mod_ldap and mod_authnz_ldap +# be loaded. Change the "yourdomain.example.com" to +# match your domain. + +LDAPSharedCacheSize 500000 +LDAPCacheEntries 1024 +LDAPCacheTTL 600 +LDAPOpCacheEntries 1024 +LDAPOpCacheTTL 600 + +<Location /ldap-status> + SetHandler ldap-status + + Require host yourdomain.example.com + + Satisfy any + AuthType Basic + AuthName "LDAP Protected" + AuthBasicProvider ldap + AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one + Require valid-user +</Location> +
LDAP Connection Pool @@ -183,13 +181,11 @@ by other LDAP modules following directives could be used to access the mod_ldap cache information:

- - <Location /server/cache-info>
- - SetHandler ldap-status
- - </Location> - + +<Location /server/cache-info> + SetHandler ldap-status +</Location> +

By fetching the URL http://servername/cache-info, the administrator can get a status report of every cache that is used @@ -211,51 +207,47 @@ by other LDAP modules optional client certificates to be used, as well as the type of encryption to be used on the connection (none, SSL or TLS/STARTTLS).

- - # Establish an SSL LDAP connection on port 636. Requires that
- # mod_ldap and mod_authnz_ldap be loaded. Change the
- # "yourdomain.example.com" to match your domain.
-
- LDAPTrustedGlobalCert CA_DER /certs/certfile.der
-
- <Location /ldap-status>
- - SetHandler ldap-status
- - Require host yourdomain.example.com
- - Satisfy any
- AuthType Basic
- AuthName "LDAP Protected"
- AuthBasicProvider ldap
- AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
- Require valid-user
- - </Location> - - - - # Establish a TLS LDAP connection on port 389. Requires that
- # mod_ldap and mod_authnz_ldap be loaded. Change the
- # "yourdomain.example.com" to match your domain.
-
- LDAPTrustedGlobalCert CA_DER /certs/certfile.der
-
- <Location /ldap-status>
- - SetHandler ldap-status
- - Require host yourdomain.example.com
- - Satisfy any
- AuthType Basic
- AuthName "LDAP Protected"
- AuthBasicProvider ldap
- AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one TLS
- Require valid-user
- - </Location> - + +# Establish an SSL LDAP connection on port 636. Requires that +# mod_ldap and mod_authnz_ldap be loaded. Change the +# "yourdomain.example.com" to match your domain. + +LDAPTrustedGlobalCert CA_DER /certs/certfile.der + +<Location /ldap-status> + SetHandler ldap-status + + Require host yourdomain.example.com + + Satisfy any + AuthType Basic + AuthName "LDAP Protected" + AuthBasicProvider ldap + AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one + Require valid-user +</Location> + + + +# Establish a TLS LDAP connection on port 389. Requires that +# mod_ldap and mod_authnz_ldap be loaded. Change the +# "yourdomain.example.com" to match your domain. + +LDAPTrustedGlobalCert CA_DER /certs/certfile.der + +<Location /ldap-status> + SetHandler ldap-status + + Require host yourdomain.example.com + + Satisfy any + AuthType Basic + AuthName "LDAP Protected" + AuthBasicProvider ldap + AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one TLS + Require valid-user +</Location> +
@@ -288,29 +280,27 @@ by other LDAP modules an error when an attempt is made to contact the LDAP server at runtime.

- - # Specify a Netscape CA certificate file
- LDAPTrustedGlobalCert CA_CERT7_DB /certs/cert7.db
- # Specify an optional key3.db file for client certificate support
- LDAPTrustedGlobalCert CERT_KEY3_DB /certs/key3.db
- # Specify the secmod file if required
- LDAPTrustedGlobalCert CA_SECMOD /certs/secmod
- <Location /ldap-status>
- - SetHandler ldap-status
- - Require host yourdomain.example.com
- - Satisfy any
- AuthType Basic
- AuthName "LDAP Protected"
- AuthBasicProvider ldap
- LDAPTrustedClientCert CERT_NICKNAME <nickname> [password]
- AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
- Require valid-user
- - </Location> - + +# Specify a Netscape CA certificate file +LDAPTrustedGlobalCert CA_CERT7_DB /certs/cert7.db +# Specify an optional key3.db file for client certificate support +LDAPTrustedGlobalCert CERT_KEY3_DB /certs/key3.db +# Specify the secmod file if required +LDAPTrustedGlobalCert CA_SECMOD /certs/secmod +<Location /ldap-status> + SetHandler ldap-status + + Require host yourdomain.example.com + + Satisfy any + AuthType Basic + AuthName "LDAP Protected" + AuthBasicProvider ldap + LDAPTrustedClientCert CERT_NICKNAME <nickname> [password] + AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one + Require valid-user +</Location> + @@ -330,16 +320,16 @@ by other LDAP modules LDAPTrustedMode parameter. If an ldaps:// URL is specified, SSL mode is forced, override this directive.

- - # Specify two CA certificate files
- LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
- LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
- # Specify a client certificate file and key
- LDAPTrustedGlobalCert CERT_BASE64 /certs/cert1.pem
- LDAPTrustedGlobalCert KEY_BASE64 /certs/key1.pem [password]
- # Do not use this directive, as it will throw an error
- #LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem
- + +# Specify two CA certificate files +LDAPTrustedGlobalCert CA_DER /certs/cacert1.der +LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem +# Specify a client certificate file and key +LDAPTrustedGlobalCert CERT_BASE64 /certs/cert1.pem +LDAPTrustedGlobalCert KEY_BASE64 /certs/key1.pem [password] +# Do not use this directive, as it will throw an error +#LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem + @@ -362,30 +352,28 @@ by other LDAP modules (ldaps://) support has been deprecated to be replaced with TLS, although the SSL functionality still works.

- - # Specify two CA certificate files
- LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
- LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
- <Location /ldap-status>
- - SetHandler ldap-status
- - Require host yourdomain.example.com
- - LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem
- LDAPTrustedClientCert KEY_BASE64 /certs/key1.pem
- # CA certs respecified due to per-directory client certs
- LDAPTrustedClientCert CA_DER /certs/cacert1.der
- LDAPTrustedClientCert CA_BASE64 /certs/cacert2.pem
- Satisfy any
- AuthType Basic
- AuthName "LDAP Protected"
- AuthBasicProvider ldap
- AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
- Require valid-user
- - </Location> - + +# Specify two CA certificate files +LDAPTrustedGlobalCert CA_DER /certs/cacert1.der +LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem +<Location /ldap-status> + SetHandler ldap-status + + Require host yourdomain.example.com + + LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem + LDAPTrustedClientCert KEY_BASE64 /certs/key1.pem + # CA certs respecified due to per-directory client certs + LDAPTrustedClientCert CA_DER /certs/cacert1.der + LDAPTrustedClientCert CA_BASE64 /certs/cacert2.pem + Satisfy any + AuthType Basic + AuthName "LDAP Protected" + AuthBasicProvider ldap + AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one + Require valid-user +</Location> + diff --git a/docs/manual/mod/mod_log_config.xml b/docs/manual/mod/mod_log_config.xml index bcd66fa548d..d2f1fc71dcf 100644 --- a/docs/manual/mod/mod_log_config.xml +++ b/docs/manual/mod/mod_log_config.xml @@ -445,14 +445,14 @@ expr=expression]

For example, the following two sets of directives have exactly the same effect:

- - # CustomLog with format nickname
- LogFormat "%h %l %u %t \"%r\" %>s %b" common
- CustomLog logs/access_log common
-
- # CustomLog with explicit format string
- CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b" - + +# CustomLog with format nickname +LogFormat "%h %l %u %t \"%r\" %>s %b" common +CustomLog logs/access_log common + +# CustomLog with explicit format string +CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b" +

The third argument is optional and controls whether or not to log a particular request. The condition can be the @@ -470,19 +470,19 @@ expr=expression] images on your server in a separate logfile but not in your main log, you can use:

- - SetEnvIf Request_URI \.gif$ gif-image
- CustomLog gif-requests.log common env=gif-image
- CustomLog nongif-requests.log common env=!gif-image - + +SetEnvIf Request_URI \.gif$ gif-image +CustomLog gif-requests.log common env=gif-image +CustomLog nongif-requests.log common env=!gif-image +

Or, to reproduce the behavior of the old RefererIgnore directive, you might use the following:

- - SetEnvIf Referer example\.com localreferer
- CustomLog referer.log referer env=!localreferer - + +SetEnvIf Referer example\.com localreferer +CustomLog referer.log referer env=!localreferer + @@ -526,8 +526,11 @@ expr=expression] percent signs (%).

Example + LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common + + @@ -549,8 +552,10 @@ expr=expression] other format has been specified.

Example - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
- TransferLog logs/access_log + +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" +TransferLog logs/access_log + diff --git a/docs/manual/mod/mod_log_debug.xml b/docs/manual/mod/mod_log_debug.xml index 316346d90f5..1556b664edf 100644 --- a/docs/manual/mod/mod_log_debug.xml +++ b/docs/manual/mod/mod_log_debug.xml @@ -35,20 +35,20 @@
  • Log message after request to /foo/* is processed: - - <Location /foo/>
    -   LogMessage "/foo/ has been requested"
    - </Location>
    -     + +<Location /foo/> +  LogMessage "/foo/ has been requested" +</Location> +
  • Log message if request to /foo/* is processed in a sub-request: - - <Location /foo/>
    -   LogMessage "subrequest to /foo/" hook=type_checker expr=%{IS_SUBREQ}
    - </Location>
    -     + +<Location /foo/> +  LogMessage "subrequest to /foo/" hook=type_checker expr=%{IS_SUBREQ} +</Location> + The default log_transaction hook is not executed for sub-requests, therefore we have to use a different hook. @@ -57,21 +57,20 @@
  • Log message if an IPv6 client causes a request timeout: - - LogMessage "IPv6 timeout from %{REMOTE_ADDR}" - "expr=-T %{IPV6} && %{REQUEST_STATUS} = 408" - + + LogMessage "IPv6 timeout from %{REMOTE_ADDR}" "expr=-T %{IPV6} && %{REQUEST_STATUS} = 408" + Note the placing of the double quotes for the expr= argument.
  • Log the value of the "X-Foo" request environment variable in each stage of the request: - - <Location />
    -   LogMessage "%{reqenv:X-Foo}" hook=all
    - </Location>
    -     + +<Location /> +  LogMessage "%{reqenv:X-Foo}" hook=all +</Location> + Together with microsecond time stamps in the error log, hook=all also allows to determine the times spent in the different parts of the request processing. diff --git a/docs/manual/mod/mod_lua.xml b/docs/manual/mod/mod_lua.xml index 56fdd3adec2..8575e201ffc 100644 --- a/docs/manual/mod/mod_lua.xml +++ b/docs/manual/mod/mod_lua.xml @@ -53,17 +53,17 @@ Be sure to check the CHANGES file before upgrading.

    The basic module loading directive is

    - + LoadModule lua_module modules/mod_lua.so - +

    mod_lua provides a handler named lua-script, which can be used with an AddHandler directive:

    - + AddHandler lua-script .lua - +

    This will cause mod_lua to handle requests for files @@ -462,16 +462,18 @@ end be careful writing your regular expressions to avoid security issues.

    Examples: + LuaMapHandler /(\w+)/(/w+) /scripts/$1.lua handle_$2 +

    This would match uri's such as /photos/show?id=9 to the file /scripts/photos.lua and invoke the handler function handle_show on the lua vm after loading that file.

    - + LuaMapHandler /bingo /scripts/wombat.lua - +

    This would invoke the "handle" function, which is the default if no specific function name is provided.

    @@ -491,8 +493,10 @@ end lua vms.

    Examples: - LuaPackagePath /scripts/lib/?.lua
    - LuaPackagePath /scripts/lib/?/init.lua + +LuaPackagePath /scripts/lib/?.lua +LuaPackagePath /scripts/lib/?/init.lua +     @@ -537,9 +541,11 @@ end for development.

    Examples: - LuaCodeCache stat
    - LuaCodeCache forever
    - LuaCodeCache never
    + +LuaCodeCache stat +LuaCodeCache forever +LuaCodeCache never +     @@ -571,10 +577,10 @@ end

    Example:

    -
    +
 # httpd.conf
 LuaHookTranslateName /scripts/conf/hooks.lua silly_mapper
-
     + -- /scripts/conf/hooks.lua --