Great, this worked. I was using initcol:USER before and it was initializing the same USER collection.

 

Thanks a lot.

 

From: Breno Silva [mailto:breno.silva@gmail.com]
Sent: Friday, March 22, 2013 4:47 PM
To: Volkov, Pavel
Cc: Ryan Barnett; mod-security-users@lists.sourceforge.net
Subject: Re: [mod-security-users] WebAppID

 

Please try to use setsid (for SESSION) , setuid (for USER) and setrsc (for RESOURCE)

global and ip cannot be set per appid.

Thanks

Breno

On Fri, Mar 22, 2013 at 4:55 PM, Volkov, Pavel <Pavel.Volkov@nuance.com> wrote:

Thank you for your response.

In other words this is not happening, right?

 

The method in which application namespaces are implemented is very simple. For normal

collections, the collection name is used to name the SDBM file in which its data will be

stored. For namespace-aware collections, the namespace is part of the name. Assuming the

configuration as in the above example, the data persistence directory may contain the following

files:

default_SESSION.dir

default_SESSION.pag

feistyduck_SESSION.dir

feistyduck_SESSION.pag

IP.dir

IP.pag

ssllabs_SESSION.dir

ssllabs_SESSION.pag

 

Thanks,

Pavel

 

From: Ryan Barnett [mailto:RBarnett@trustwave.com]
Sent: Friday, March 22, 2013 3:51 PM
To: Volkov, Pavel
Cc: mod-security-users@lists.sourceforge.net
Subject: Re: [mod-security-users] WebAppID

 

These sdbm files are stored in the SecDataDir setting. The web app id is used to prevent collisions of data within that file.  This shouldn't be a problem unless the size limits of the sdbm file is reached. 

 

I haven't tested but you could try setting different SecDataDir directives in vhost containers. Not sure if you can do this though as I believe it is a global setting. 

--

Ryan Barnett

 


On Mar 22, 2013, at 12:45 PM, "Volkov, Pavel" <Pavel.Volkov@nuance.com> wrote:

I am trying to split my user collections between the apps. I am using the SecWebAppId directive as mentioned in the documentation. I see my webapp info in the auditlog: (WebApp-Info: "pavel" "-" "-")

But it has no effect on the file structure. I still see that it uses the same user.dir file to store user info for me for all the apps. Any clues? What am I missing? I am using mod_security 2.6.8

 

Thanks,

Pavel

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar

_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/

 



This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.


------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/