0

简介:我们公司使用通过 mod_perl 动态生成的虚拟主机从我们的数据库中生成虚拟主机。我们基本上有一个表“域”,它为我们的数百个客户和合作伙伴动态修改。

我们有几种具有不同别名、包含和规则的模板。所以我们基本上使用下面的 Perl 脚本来生成不同的模板:

<Perl>
    #!perl

    use DBI;
    use Time::HiRes qw(time);

    use Apache2::ServerUtil ();
    my $s = Apache2::ServerUtil->server;

    $Apache2::PerlSections::Save = 1;

    my $dsn  = "dbi:mysql:...:...";
    my $user = "...";
    my $pw   = "...";
    my $db   = DBI->connect($dsn, $user, $pw) or die $DBI::errstr;

    my $select = qq/SELECT * FROM domains ORDER BY ID/;
    my $sth_select = $db->prepare($select);

    $sth_select->execute() or die $DBI::errstr;
    my @row;
    while( @row = $sth_select->fetchrow_array ) {
        $My::domain = @row[1];
        $My::dir = @row[3];
        $My::template = @row[4];
        $s->add_config(["Include /srv/www/vhosts/templates/".$My::template]);
    }
</Perl>

在模板中,我们通过 perl 循环中使用的变量来定义主机名。

出于预览目的,我们希望使用数据库控制的登录来保护一些项目/域。这就是 mod_atuhn_dbd 进入游戏的地方。

这是我们为不同项目和实际问题开始的数据库登录的最终解决方案:

<VirtualHost *:80>
    DBDriver   mysql
    DBDParams  "host=... dbname=... port=3306 user=... pass=..."
    DBDMin     1
    DBDKeep    2
    DBDMax     10
    DBDExptime 60

    <Perl>
        use File::Copy;
        $ServerName = $My::domain;
        $DocumentRoot = "/srv/www/".$My::dir;

        $Directory {"/srv/www/".$My::dir} = {
            AllowOverride        => "All",
            Order                => "allow,deny",
            deny                 => "from all",
            Satisfy              => "Any",
            Require              => "valid-user",
            AuthType             => "Basic",
            AuthName             => "Achtung",              
            AuthBasicProvider    => "socache dbd",              
            AuthnCacheProvideFor => "dbd",              
            AuthnCacheContext    => "Test",             
            AuthnCacheTimeout    => "60",
            AuthDBDUserPWQuery   => "SELECT `user_passwd` FROM prev_user` WHERE `host_name` = '".$My::dir"' AND `user_name` = %s"               
        };
    </Perl>
</VirtualHost>

问题是 - Apache 说:

apache2[10988]: $parms->add_config() has failed:
AuthDBDUserPWQuery takes one argument, Query used to fetch password for user at /usr/lib/x86_64-linux-gnu/perl5/5.20/Apache2/PerlSections.pm line 216.\n

如果我从 perl 部分中删除指令并将其直接放入虚拟主机中,它会按预期工作,用户将收到提示并且必须通过数据库参数登录。太糟糕了,没有选项可以在查询中使用动态主机,所以这不会真正起作用。

<VirtualHost *:80>
    <Perl>
        [...]
        $Directory {"/srv/www/".$My::dir} = {
            AllowOverride        => "All",
            Order                => "allow,deny",
            deny                 => "from all",
            Satisfy              => "Any",
            Require              => "valid-user",
            AuthType             => "Basic",
            AuthName             => "Achtung",              
            AuthBasicProvider    => "socache dbd",              
            AuthnCacheProvideFor => "dbd",              
            AuthnCacheContext    => "Test",             
            AuthnCacheTimeout    => "60"        
        };
    </Perl>

    <Directory /srv/www/websites/admin> 
        AuthDBDUserPWQuery "SELECT `user_passwd` FROM prev_user` WHERE `host_name` = '[NEED DYNAMIC HOST HERE]' AND `user_name` = %s"
    </Directory>    
</VirtualHost>

以下部分似乎存在一些奇怪的问题:

$Directory {"/srv/www/".$My::dir} = {
          [...]
          AuthDBDUserPWQuery   => "SELECT `user_passwd` FROM prev_user` WHERE `host_name` = '".$My::dir"' AND `user_name` = %s"              
};

有什么建议么?

4

1 回答 1

0

了解更多信息:

似乎是 mod_perl 中的一个错误。清除查询中的空格会导致字符串被解释为一个值。显然,空格会导致字符串被解释为多个值。

所以解决方案是:

$Directory {"/srv/www/".$My::dir} = {
      [...]
      AuthDBDUserPWQuery   => "SELECT`user_passwd`FROM`prev_user`WHERE`host_name`='".$My::dir"'AND`user_name`=%s"
}

非常肮脏和混乱,但它有效。

于 2017-08-10T12:10:54.810 回答