|
Graham Dumpleton
graham.dumpleton at gmail.com
Mon Aug 6 07:08:31 EDT 2007
On 06/08/07, Christian Klinger <cklinger at novareto.de> wrote: > i try to use an apache as a proxy for the real web-server. > I want only allow users with a valid key to access the service. > > Maybe i can use an Authenhandler or Authzhandler? You can't go reading the data of the request in these either. Reading the content in any of these handlers will consume it and it will not be passed onto the content handler. In this case the content handler is the proxy and so the proxy will never see the data and will not be able to pass it on to the down stream web site. Reasons why you might be getting a 500 error are that your handler simply has an error in it and a 500 error page is getting passed back to the XML-RPC client, but it doesn't display it. Another reason may be because you have consumed the content and so when the proxy tries to transfer the data to the downstream server, it finds that the Content-Length doesn't match what data is available because actual content length is now zero. The only way one can interrogate request content and preserve it is to use an input filter, but this also will be useless to you, as there is no way in an input filter to return an error response back to the client if you intend rejecting the request. The only this I can think of that you could do is implement a content handler which accepts the request as an XML-RPC request, rejects or accept it, and then makes a separate XML-RPC call using xmlrpclib module to the downstream web server and return and response you get. Ie., you effectively do the proxy rather than having mod_proxy do it. Graham
|