Re: LAS Password Protection

[J-M Epitalon <Jean-Marie.Epitalon@xxxxxxxxxx>]

Hi tony,

I tried setting up a virtual host with the following lines:

# Added for LAS server
NameVirtualHost *:8080
<VirtualHost *:8080>
    DocumentRoot /usr/local/las/las_servlet/jakarta/webapps/
    ServerName gascogne.cerfacs.fr:8080
    ErrorLog logs/LAS-ui-error_log
    CustomLog logs/LAS-ui-access_log common

    <Directory "/usr/local/las/las_servlet/jakarta/webapps/">
        Options -Indexes
        AllowOverride All
        AuthType Basic
        AuthName "Tout le site web"
        AuthUserFile /usr/local/las/passwords
        Require user discendo
    </Directory>
</VirtualHost>

This does not work. i.e. there is no password protection to the page 
http:gascogne.cerfacs.fr:8080/las/servlets/dataset

If I add the following line:
listen 0.0.0.0:8080

then, the Apache server looks for an actual HTML page at this address
and returns
error 404: The requested URL /las/servlets/dataset was not found on this
server.

I don't understand how Apache and Tomcat work together.
Where is the address /las/servlets/dataset translated to something like
/usr/local/las/las_servlet/jakarta/webapps ?

Is Apache server transparent to any request coming on port 8080 ?

I am lost
Jean-Marie

On Wed, 2005-03-23 at 15:20, Tony Jolibois wrote:
>        Jean-Marie,
> 
> I configured an Apache 2 with password protection, not for a LAS but
> you can apply this to any web site you want.
> I have several virtual host on the same server, the configuration of
> one of these is here (in /etc/httpd/conf/httpd.conf) :
> 
> <VirtualHost opendap.mercator-ocean.fr>
>     ServerAdmin webmaster@dummy-host.example.com
>     DocumentRoot /data/mercat1
>     DirectoryIndex index.html
>     ServerName opendap.mercator-ocean.fr
> #    ErrorLog logs/opendap.mercator-ocean.fr-error_log
>     SetEnvIf Remote_Addr "62\.161\.32" dontlog
>     SetEnvIf Remote_Addr "80\.245\.34" dontlog
>     SetEnvIf Remote_Addr "10\.1" dontlog
>     CustomLog logs/opendap.mercator-ocean.fr-access_log common
>     Alias /data /data/commun
>     Alias /conf /data/mercat1/tomcat/webapps/dodsC/data
>                                                                                                                                                                                  
> <Location /dodsC >
> AuthType Basic
> AllowOverride All
> AuthName "Opendap Mercator Access"
> AuthUserFile /etc/httpd/conf/users-opendap.mercator-ocean.fr
> Order allow,deny
> Allow from 127.0.0.1
> Require valid-user
> Satisfy any
> </Location>
> 
> </VirtualHost>
> 
> The file /etc/httpd/conf/users-opendap.mercator-ocean.fr has been
> created with the utility htpasswd of Apache.
> 
> Then when someone try this URL :
> http://opendap.mercator-ocean.fr/dodsC/ you must enter login/passwd.
> 
> Tony (with Y and not i :-)
> 
> J-M Epitalon wrote:
> > Hi all,
> > 
> > I also need to apply password protection to my LAS server.
> > I run Apache 2.0 and what said Toni does not apply exactly to me.
> > 
> > I tried the following but it does not work.
> > <Directory $home/las/las_servlet/jakarta/webapps/ >
> > AuthType Basic
> > AuthName  "Mersea Access "
> > AuthUserFile $home/users-valid
> > require valid-user
> > </Directory>
> > 
> > 
> > Before reading thru Apache and Tomcat documentation, I would like to
> > know if someone already set a password protection to a LAS based on
> > Apache 2.0
> > 
> > Also I would like to understand this:
> > Is the Tomcat server using Apache as front end or is it serving HTML
> > pages by its own ?
> > 
> > Please help.
> > 
> > Jean-Marie
> > 
> > 
> > On Tue, 2005-02-08 at 18:15, Jonathan Callahan wrote: 
> >   
> > > Toni Jolibois answers: 
> > >     
> > > >        Hi all,
> > > > 
> > > > A response to the mail below.
> > > > I have a LAS configured with an http authentification :
> > > > http://las.mersea.eu.org.
> > > > Here is my Apache configuration (Warning : this is an Apache 1.3, I
> > > > don't know if the new Apache 2 which I recommend have the same
> > > > syntax for the configuration) :
> > > > 
> > > > In the httpd.conf, I have a virtual host ($home is the path of the
> > > > mersea user, change it with the good one for you) :
> > > > 
> > > > <VirtualHost las.mersea.eu.org>
> > > >     ServerAdmin webmaster@mersea.eu.org
> > > >     DocumentRoot $home/las/las_servlet/jakarta/webapps/
> > > >     DirectoryIndex index.html
> > > >     RedirectMatch  /index.html /las/servlets/dataset
> > > >     ServerName las.mersea.eu.org
> > > >     ErrorLog logs/las.mersea.eu.org-error_log
> > > >     CustomLog logs/las.mersea.eu.org-access_log common
> > > >     ScriptAlias  /las-bin/ $home/las/server/
> > > >     Alias /las-output/ $home/las/server/output/
> > > >     Include /etc/httpd/conf/mod_jk.conf-mersea
> > > > </VirtualHost>
> > > > 
> > > > By default, this configuration file parse the access.conf placed in
> > > > the same directory, but you can put these lines into the httpd.conf.
> > > > Here is my access.conf :
> > > > 
> > > > #
> > > > # This is the default file for the AccessConfig directive in
> > > > httpd.conf.
> > > > # It is processed after httpd.conf and srm.conf.
> > > > #
> > > > # To avoid confusion, it is recommended that you put all of your
> > > > # Apache server directives into the httpd.conf file and leave this
> > > > # one essentially empty.
> > > > #
> > > > <Directory $home/las/las_servlet/jakarta/webapps/ >
> > > > Options -Indexes
> > > > AllowOverride All
> > > > AuthType Basic
> > > > AuthName  "Mersea Access "
> > > > AuthUserFile $home/users-valid
> > > > <Files "*">
> > > > require valid-user
> > > > </Files>
> > > > </Directory>
> > > > 
> > > > I created the $home/users-valid with the Apache utility "htpasswd"
> > > > in order to have a user and an encrypted password.
> > > > Please see http://httpd.apache.org/docs/howto/auth.html for Apache
> > > > 1.3 and http://httpd.apache.org/docs-2.0/howto/auth.html for Apache
> > > > 2, all is explained.
> > > > 
> > > > Note that there is an other way to configure http password for a
> > > > virtual host and not for a directory.
> > > > 
> > > > If you have specific question please send me a mail.
> > > > 
> > > > Regards,
> > > > Tony Jolibois 
> > > >       
> > > benb wrote: 
> > >     
> > > > Hello All,
> > > > 
> > > > To satisfy the data access policy for my project I need to require a logon to
> > > > my LAS site (anyone can get a password, we just need to keep track of everyone
> > > > that accesses the site).  I saw "Adding password protection" in the FAQ at
> > > > http://ferret.pmel.noaa.gov/Ferret/LAS/FAQ/password_protection.htm but this 
> > > > does
> > > > not work and seems to apply to version 5 and below.  I'm running LAS 6.3.  Can
> > > > anyone tell me how to achieve password protection with this version?
> > > > 
> > > > The following is what I put in Apache httpd.conf (which doesn't work):
> > > >  
> > > > -----
> > > > Alias /las "/usr/local/las/las/las_servlet/jakarta/webapps/las"
> > > > <Directory /usr/local/las/las/las_servlet/jakarta/webapps/las/>
> > > >     AddHandler cgi-script .pl
> > > >     Options +ExecCGI
> > > >     AuthUserFile /usr/local/apache2/.auto_pass/.auto_pass.txt
> > > >     AuthGroupFile /dev/null
> > > >     AuthName 'WTF-CEOP members'
> > > >     AuthType Basic
> > > >     <Limit GET POST >
> > > >     require valid-user
> > > >     </Limit>
> > > > </Directory>
> > > > ------
> > > > 
> > > > 
> > > > Thank you,
> > > > 
> > > > Ben
> > > > 
> > > > 
> > > >   
> > > >       
> > 
> >