On Tue 01 Jul 2008, titetluc titetluc wrote:
> I am writing an handler generating sub-requests by using the lookup_uri and
> run (Apache2::SubRequest) methods.
> My question is : is it technically possible to generate HTTPS sub-request
> (I observed that sub-requests were using HTTP)

No, none of the protocols is used to make subreqs. HTTP/HTTPS are network
protocols. With subreqs there is no network. A subreq is like a recursive
call of the same request answering machine. Hence, HTTPS? is irrelevant.
Normally the document accessed via a subreq has to be accessible locally.

> using the mod_perl API  ?  If
> yes, which API do I have to use (I can not find any examples, or I tried
> the APR::URI class but unsuccessfully) ?
> If not, which solution is possible (using LWP ?)

But it can be any kind of document apache can serve. So it can be a regular
file, something dynamically created (CGI/PHP/modperl etc) or even a document
for which the current server acts as proxy.

So in your case I see 2 options:

1) implement the included document via a CGI/modperl handler using LWP or
similar

2) use mod_proxy as reverse proxy

In both cases it's not possible to proxy an established SSL identity (client
certificate) to the backend server due to the nature of SSL. Nor can your
client verify the identity of the backend.

If possible I'd go for the mod_proxy version. 1) it doesn't load perl routines
in memory. 2) it passes the data an almost as fast as possible whereas
homegrown LWP solutions tend to buffer the whole document before sending any
output.

But mod_proxy has also drawbacks. It is very difficult to make a POST request
to the backend this way and feed it some data. I once had a similar problem
when I wanted to include a proxied document and pass on the POST input of the
original request to the backend. In the end I did it in Perl.

Torsten

--
Need professional mod_perl support?
Just hire me: torsten.foertsch@gmx.net