Re: LAS Password Protection

To: Tony Jolibois <tjolibois@xxxxxx>
Subject: Re: LAS Password Protection
From: J-M Epitalon <Jean-Marie.Epitalon@xxxxxxxxxx>
Date: Fri, 25 Mar 2005 16:11:33 +0100
Cc: oar.pmel.las_users@xxxxxxxx
In-reply-to: <424190F5.9030501@cls.fr>
References: <1111585261.18530.176.camel@manche> <42417B37.4000204@cls.fr>< 1111589470.18530.190.camel@manche> <424190F5.9030501@cls.fr>
Reply-to: Jean-Marie.Epitalon@xxxxxxxxxx
Sender: owner-las_users@xxxxxxxxxxxxx

Tony,

thanks to your help, I managed to password protect my LAS!!

For those interested, here is what I did:

I configured Apache as a gateway and configured the communication
between Tomcat and Apache. Actually, there is nothing to change in
Tomcat config, only in Apache config.
I found usefull information at the link:
http://jakarta.apache.org/tomcat/connectors-doc/howto/quick.html

I downloaded the module mod_jk (Apache-Tomcat connector) from the
following page:
http://jakarta.apache.org/site/downloads/downloads_tomcat.html
and installed it in Apache standard module directory.

As a result, LAS main page is located at
my_site.com/las/servlets/dataset.
It is still accessible at my_site.com:8080/las/servlets/dataset.
If we would like to password protect also the site on port 8080, we
would have to go thru a different scheme and configure the Security
Manager in Tomcat servlet.
(One could ask if what I did is really useful, then !)

Then I password protected all the URL beginning with /las/servlets with
the following directive:
<Location /las/servlets/*>
    AuthType Basic
    AuthName "web-site"
    AuthUserFile /usr/local/las/passwords
    Require user discendo
</Location>

The <Location> directive is the point. The <Directory> directive used in
the example given by Tony would work only on Apache 1.x and not 2.x

As a summary, here is the list off all directives added to my httpd.conf
Apache configuration file:

==================================
Alias /las-output/ /usr/local/las/server/output/
ScriptAlias  /las-bin/ /usr/local/las/server/

# --------------------
# The following block redirects all requests regarding pages
#  /las/servlets/*
#  /las/images/*
#  /las/doc/* 
#  /las/closewindow.html 
# to the Tomcat server, named worker1.
# See file workers.properties
# --------------------

# Load mod_jk module
# Update this path to match your modules location
LoadModule    jk_module  modules/mod_jk.so
# Where to find workers.properties
# Update this path to match your conf directory location
JkWorkersFile /etc/httpd/conf/workers.properties
# Where to put jk logs
# Update this path to match your logs directory location (put mod_jk.log
next to access_log)
JkLogFile     /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel    info
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions     +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat     "%w %V %T"
# Send everything for context /las/servlets/ to worker named worker1
(ajp13)
JkMount  /las/servlets/* worker1
JkMount  /las/images/* worker1
JkMount  /las/doc/* worker1
JkMount  /las/closewindow.html worker1

# Passwork protecting main pages of LAS User Interface
<Location /las/servlets/*>
    AuthType Basic
    AuthName "Tout le site web"
    AuthUserFile /usr/local/las/passwords
    Require user discendo
</Location>

# Acces to http://my_las  redirect to
# http://my_las/las/servlets/dataset
RedirectMatch  /index.html /las/servlets/dataset

==================================

Hope this helps

Jean-Marie Epitalon
CERFACS,
Toulouse, France

References:
- Re: LAS Password Protection
  - From: J-M Epitalon

Previous by thread: Re: LAS Password Protection
Next by thread: a reverse "mutliselect" on a NetCDF file?

[Thread Prev][Thread Next][Index]

Dept of Commerce / NOAA / OAR / PMEL / TMAP
Contact Us | Privacy Policy | Disclaimer | Accessibility Statement