1 2 Traces of the ApacheDBI modules 3 4The traces are supposed to serve as a reference, to check the local setup. 5They also serve as specification for regression testing of the modules. 6 7Note: 8 9 - in order to see the traces in the error_log, you need to enable full debug output 10 by setting $Apache::DBI::DEBUG = 2 and $Apache::AuthDBI::DEBUG = 2. 11 - make sure, that the output of the same server is observed (check process id !) 12 unless AuthDBI is tested and the usage of shared memory is configured. 13 - here we show only the traces of one specific module, 14 in reality the traces are a mix of all used modules and of all servers 15 - in all auth-traces the REQUEST has been deleted 16 - $; appears as '{' 17 18 191. Apache::DBI 20-------------- 21 221.1. normal persistent database connection 23 24 new connect: 25 26 1150 Apache::DBI need ping: yes 27 1150 Apache::DBI new connect to 'dbname=template1{{{AutoCommit=1{PrintError=1' 28 1150 Apache::DBI disconnect (overloaded) 29 30 re-use of connection: 31 32 1151 Apache::DBI need ping: yes 33 1151 Apache::DBI already connected to 'dbname=template1{{{AutoCommit=1{PrintError=1' 34 1151 Apache::DBI disconnect (overloaded) 35 36 371.2. PerlCleanupHandler: check if a rollback is initiated when using a connection with 38 AutoCommit = 0 (data_source: dbi:Pg(AutoCommit=>0):dbname=template1): 39 40 1150 Apache::DBI push PerlCleanupHandler 41 1150 Apache::DBI need ping: yes 42 1150 Apache::DBI new connect to 'dbname=template1{{{AutoCommit=0{PrintError=1' 43 1150 Apache::DBI disconnect (overloaded) 44 1150 Apache::DBI PerlCleanupHandler 45 1150 Apache::DBI PerlCleanupHandler rollback for dbname=template1{{{AutoCommit=0{PrintError=1 46 47 481.3. PerlChildInitHandler: check if a pre-configured connection in startup.pl is initiated. 49 50 the following entries are supposed to appear in the error_log once for every server: 51 52 1033 Apache::DBI PerlChildInitHandler 53 1033 Apache::DBI need ping: yes 54 1033 Apache::DBI new connect to 'dbname=template1{httpd{www{AutoCommit=1{PrintError=1' 55 56 571.4. timeout for ping: set PingTimeOut > 0 and verify, that the first database access shows 58 'need ping: yes' (unless a database handle has been created upon server startup). 59 The second access immediately afterwards shows 'need ping: no' and the third access after 60 timeout seconds again shows 'need ping: yes'. Always watch the same server ! 61 De-activate ping with setting timeout = -1 and check for 'need ping: no'. 62 63 641.5. After having initiated a persistent connection check the perl-status menu-item 65 'DBI connections' ( http://localhost/perl-status?DBI ). Be sure, to check a server, 66 which has a database handle ! 67 68 Datasource Username 69 70 dbname=test_auth 71 72 73------------------------------------------------------------------- 74 75 762. Apache::AuthDBI::authen 77-------------------------- 78 792.1. normal authentication, setCacheTime(60), no cleanup handler 80 81 ========== 82 25362 Apache::AuthDBI::authen request type = >initial main< 83 25362 Apache::AuthDBI::authen get_basic_auth_pw: res = >401<, password sent = >< 84 -------------- here the password requester of the browser pops up -------- 85 ========== 86 25364 Apache::AuthDBI::authen request type = >initial main< 87 25364 Apache::AuthDBI::authen get_basic_auth_pw: res = >0<, password sent = >support< 88 25364 Apache::AuthDBI::authen user sent = >support< 89 25364 Apache::AuthDBI::authen Config{ pwdcasesensitive } = on 90 25364 Apache::AuthDBI::authen Config{ pwd_whereclause } = 91 25364 Apache::AuthDBI::authen Config{ placeholder } = off 92 25364 Apache::AuthDBI::authen Config{ log_field } = 93 25364 Apache::AuthDBI::authen Config{ uid_field } = userid 94 25364 Apache::AuthDBI::authen Config{ authoritative } = on 95 25364 Apache::AuthDBI::authen Config{ data_source } = dbi:Pg:dbname=test_auth 96 25364 Apache::AuthDBI::authen Config{ grp_field } = groupid 97 25364 Apache::AuthDBI::authen Config{ encrypted } = on 98 25364 Apache::AuthDBI::authen Config{ pwd_field } = passwd 99 25364 Apache::AuthDBI::authen Config{ nopasswd } = off 100 25364 Apache::AuthDBI::authen Config{ grp_table } = groups 101 25364 Apache::AuthDBI::authen Config{ pwd_table } = users 102 25364 Apache::AuthDBI::authen Config{ password } = 103 25364 Apache::AuthDBI::authen Config{ log_string } = 104 25364 Apache::AuthDBI::authen Config{ uidcasesensitive } = on 105 25364 Apache::AuthDBI::authen Config{ username } = 106 25364 Apache::AuthDBI::authen Config{ grp_whereclause } = 107 25364 Apache::AuthDBI::authen passwd not found in cache 108 25364 Apache::AuthDBI::authen statement: SELECT passwd FROM users WHERE userid = 'support' 109 25364 Apache::AuthDBI::authen passwd = >su7/poGcpDQWY< 110 25364 Apache::AuthDBI::authen user support: password match for >su7/poGcpDQWY< 111 25364 Apache::AuthDBI::authen return OK 112 113 1142.2. normal authentication as above, check if cached password is used 115 116 discard all traces up to the Config section 117 118 25519 Apache::AuthDBI::authen cache: found >support,dbi:Pg:dbname=test_auth,users,userid< >935176023< >su7/poGcpDQWY< 119 25519 Apache::AuthDBI::authen passwd found in cache 120 25519 Apache::AuthDBI::authen passwd = >su7/poGcpDQWY< 121 25519 Apache::AuthDBI::authen user support: password match for >su7/poGcpDQWY< 122 25519 Apache::AuthDBI::authen secs since last CleanupHandler: 164, CleanupTime: 60 123 25519 Apache::AuthDBI::authen return OK 124 125 1262.3. after successful authentication change password in database. 127 Restart browser and check if password is looked up in the database again. 128 129 1302.4. check normal authentication with several users, who share the same userid, 131 but who have different passwords. 132 133 1342.5. check normal authentication with more than one data_source parameter 135 (and corresponding usernames and passwords), where the first connect 136 fails and the second succeeds. Expect to see a warning about the failure. 137 138 139------------------------------------------------------------------- 140 141 1423. Apache::AuthDBI::authz 143------------------------- 144 1453.1. normal group authorization, setCacheTime(60) 146 147 discard authentication traces 148 149 ========== 150 25560 Apache::AuthDBI::authz request type = >initial main< 151 25560 Apache::AuthDBI::authz user sent = >support< 152 25560 Apache::AuthDBI::authz requirements: valid-user=>< user=>w3master< group=>group-a group-b group-support group-customer< 153 25560 Apache::AuthDBI::authz groups not found in cache 154 25560 Apache::AuthDBI::authz statement: SELECT groupid FROM groups WHERE userid = 'support' 155 25560 Apache::AuthDBI::authz groups = >group-support< 156 25560 Apache::AuthDBI::authz user support: group_result = OK for >group-support< 157 25560 Apache::AuthDBI::authz return OK 158 ========== 159 25560 Apache::AuthDBI::authz request type = >< 160 ========== 161 25560 Apache::AuthDBI::authz request type = >main< 162 163 1643.2. normal authorization as above, check if cached password is used 165 166 ========== 167 25560 Apache::AuthDBI::authz request type = >initial main< 168 25560 Apache::AuthDBI::authz user sent = >support< 169 25560 Apache::AuthDBI::authz requirements: valid-user=>< user=>w3master< group=>group-a group-b group-support group-customer< 170 25560 Apache::AuthDBI::authz cache: found >support,dbi:Pg:dbname=test_auth,users,userid< >935176510< >group-support< 171 25560 Apache::AuthDBI::authz groups found in cache 172 25560 Apache::AuthDBI::authz groups = >group-support< 173 25560 Apache::AuthDBI::authz user support: group_result = OK for >group-support< 174 25560 Apache::AuthDBI::authz return OK 175 ========== 176 25560 Apache::AuthDBI::authz request type = >< 177 ========== 178 25560 Apache::AuthDBI::authz request type = >main< 179 180 1813.3. after successful authorization change group in database and .htaccess. 182 Check if group is looked up in the database again. 183 184 1853.4. check normal authorization with a specific required user. Expect to see no database access. 186 187 1883.5. check normal group authorization with more than one data_source parameter, where the first 189 connect fails and the second succeeds. Expect to see a warning about the failure. 190 191 192------------------------------------------------------------------- 193 194 1954. Apache::AuthDBI using the cleanup handler 196-------------------------------------------- 197 1984.1. PerlCleanupHandler: configure setCleanupTime(60) and check that the first request 199 does not create a PerlCleanupHandler: 200 201 ... 202 1682 Apache::AuthDBI::authen secs since last CleanupHandler: 9, CleanupTime: 60 203 1682 Apache::AuthDBI::authen return OK 204 ========== 205 1682 Apache::AuthDBI::authen request type = >< 206 ========== 207 1682 Apache::AuthDBI::authen request type = >main< 208 209 2104.2. PerlCleanupHandler: configure setCleanupTime(60) and check that a request after the 211 configured time shows the following entries: 212 213 ... 214 1682 Apache::AuthDBI::authen secs since last CleanupHandler: 244, CleanupTime: 60 215 1682 Apache::AuthDBI::authen push PerlCleanupHandler 216 1682 Apache::AuthDBI::authen return OK 217 ========== 218 1682 Apache::AuthDBI::authen request type = >< 219 ========== 220 1682 Apache::AuthDBI::authen request type = >main< 221 1682 Apache::AuthDBI PerlCleanupHandler 222 1682 Apache::AuthDBI PerlCleanupHandler keep >support,dbi:Pg:dbname=test_auth,users,userid< 223 224 2254.3. Authentication: check if a previously used userid/password is deleted from cache, after 226 the CacheTime has expired. For this, re-start the browser, re-authenticate with another 227 userid and wait, until CacheTime and CleanupTime have expired. 228 229 1760 Apache::AuthDBI PerlCleanupHandler delete >w3master,dbi:Pg:dbname=test_auth,users,userid<, last access 157 s before 230 231 2324.4. Authorization: check if a previously used userid/group is deleted from cache, after 233 the CacheTime has expired. For this, re-start the browser, re-authenticate with another 234 userid and wait, until CacheTime and CleanupTime have expired. 235 236 1760 Apache::AuthDBI PerlCleanupHandler delete >support,dbi:Pg:dbname=test_auth,users,userid<, last access 157 s before 237 238 2395. Apache::AuthDBI using shared memory 240-------------------------------------- 241 2425.1. PerlChildInitHandler: initIPC(10000) 243 244 the following entries are supposed to appear in the error_log during server startup 245 once for every server with increasing child count: 246 247 1479 Apache::AuthDBI PerlChildInitHandler child count = 1 248 1478 Apache::AuthDBI PerlChildInitHandler child count = 2 249 ... 250 251 2525.2. using normal authentication, check if shared memory is used: 253 254 expect to see the following entry just before the Config section: 255 256 1669 Apache::AuthDBI::authen cache in shared memory, shmid 2821, shmsize 10000, semid 642 257 258 using a command like ipcs should also show the IPC resources: 259 260 ------ Shared Memory Segments -------- 261 key shmid owner perms bytes nattch status 262 0x0103c80c 2821 httpd 600 10000 0 263 264 ------ Semaphore Arrays -------- 265 key semid owner perms nsems status 266 0x0103c80c 642 httpd 600 1 267 268 2695.3. PerlChildExitHandler: check if IPC resources are removed upon server shutdown. 270 271 the following entries are supposed to appear in the error_log during server shutdown 272 once for every server with decreasing child count: 273 274 ... 275 1595 Apache::AuthDBI PerlChildExitHandler child count = 2 276 1596 Apache::AuthDBI PerlChildExitHandler child count = 1, remove shared memory 2309 and semaphore 386 277 278 279# EOF 280