authorjsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>2012-07-16 06:47:49 +0000
committerjsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>2012-07-16 06:47:49 +0000
commit11522a4b90a4056319cdbc204fffc63780cbfa51 (patch)
treefde77f10429bc13b042d6ac779f0b89149c8334d /sca-cpp/trunk/hosting
parentf82576588fc9672a011655e709179eb43e5ab5b4 (diff)
Add an HTTPD auth provider allowing the authentication logic to be implemented by a component, and cleanup the SSL and mod-security config a bit.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1361915 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-cpp/trunk/hosting')
-rw-r--r--sca-cpp/trunk/hosting/server/Makefile.am36
-rw-r--r--sca-cpp/trunk/hosting/server/authn.py40
-rw-r--r--sca-cpp/trunk/hosting/server/data/accounts/admin/user.account1
-rw-r--r--sca-cpp/trunk/hosting/server/data/accounts/jane/user.account1
-rw-r--r--sca-cpp/trunk/hosting/server/data/accounts/jane@localhost/user.account1
-rw-r--r--sca-cpp/trunk/hosting/server/data/accounts/jane@sca-store.com/user.account1
-rw-r--r--sca-cpp/trunk/hosting/server/data/accounts/john/user.account1
-rw-r--r--sca-cpp/trunk/hosting/server/data/accounts/john@localhost/user.account1
-rw-r--r--sca-cpp/trunk/hosting/server/data/accounts/john@sca-store.com/user.account1
-rwxr-xr-xsca-cpp/trunk/hosting/server/delete-auth61
-rwxr-xr-xsca-cpp/trunk/hosting/server/get-auth62
-rwxr-xr-xsca-cpp/trunk/hosting/server/put-auth80
-rw-r--r--sca-cpp/trunk/hosting/server/server.composite51
-rwxr-xr-xsca-cpp/trunk/hosting/server/ssl-start113
-rw-r--r--sca-cpp/trunk/hosting/server/user.py6
15 files changed, 348 insertions, 108 deletions
diff --git a/sca-cpp/trunk/hosting/server/Makefile.am b/sca-cpp/trunk/hosting/server/Makefile.am
index d140895dcd..d6e15f819b 100644
--- a/sca-cpp/trunk/hosting/server/Makefile.am
+++ b/sca-cpp/trunk/hosting/server/Makefile.am
@@ -18,16 +18,18 @@
if WANT_PYTHON
moddir = $(prefix)/hosting/server
-dist_mod_SCRIPTS = start stop ssl-start mkapplinks config-backup data-backup
+dist_mod_SCRIPTS = start stop ssl-start mkapplinks config-backup data-backup put-auth get-auth delete-auth
-not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/public/notfound/index.html htdocs/public/oops/index.html htdocs/proxy/public/oops/index.html htdocs/graph/index.html htdocs/public/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/public/notyet/index.html htdocs/clone/index.html htdocs/delete/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/store/index.html htdocs/config.js htdocs/public/config.js
+not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/public/notfound/index.html htdocs/public/oops/index.html htdocs/proxy/public/oops/index.html htdocs/graph/index.html htdocs/public/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/public/notyet/index.html htdocs/clone/index.html htdocs/delete/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/store/index.html htdocs/config.js htdocs/public/config.js htdocs/cache-template.cmf htdocs/app/cache-template.cmf htdocs/cache-template.cmf htdocs/app/cache-template.cmf
minified = htdocs/public/iframe-min.html htdocs/create/index-min.html htdocs/page/index-min.html htdocs/login/index-min.html htdocs/public/notfound/index-min.html htdocs/public/oops/index-min.html htdocs/proxy/public/oops/index-min.html htdocs/graph/index-min.html htdocs/public/notauth/index-min.html htdocs/account/index-min.html htdocs/home/index-min.html htdocs/index-min.html htdocs/public/notyet/index-min.html htdocs/clone/index-min.html htdocs/delete/index-min.html htdocs/stats/index-min.html htdocs/app/index-min.html htdocs/store/index-min.html htdocs/config-min.js htdocs/public/config-min.js
-resources = server.composite *.py htdocs/*.cmf htdocs/*.ico htdocs/home/*.png htdocs/app/*.cmf htdocs/home/*.b64 htdocs/*.txt htdocs/public/*.png htdocs/public/*.b64 data/palettes/*/palette.composite data/accounts/*/*.account data/apps/*/app.composite data/apps/*/app.stats data/apps/*/htdocs/app.html data/dashboards/*/user.apps data/store/*/store.apps ${not_minified} ${minified}
+js_minified = ../../modules/js/htdocs/all-min.js ../../modules/js/htdocs/ui-min.css
+
+resources = server.composite *.py data/palettes/*/palette.composite data/accounts/*/*.account data/apps/*/app.composite data/apps/*/app.stats data/apps/*/htdocs/app.html data/dashboards/*/user.apps data/store/*/store.apps htdocs/cache-manifest.cmf htdocs/app/cache-manifest.cmf htdocs/*.ico htdocs/home/*.png htdocs/home/*.b64 htdocs/*.txt htdocs/public/*.png htdocs/public/*.b64 ${minified}
nobase_dist_mod_DATA = ${resources}
-EXTRA_DIST = ${resources}
+EXTRA_DIST = ${resources} ${not_minified}
SUFFIXES = -min.html -min.js
.html-min.html:
@@ -36,9 +38,29 @@ SUFFIXES = -min.html -min.js
.js-min.js:
../../modules/http/minify-js $< $@
-CLEANFILES = ${minified}
+htdocs/cache-manifest.cmf: htdocs/cache-template.cmf ${minified} ${js_minified}
+ ../../modules/http/cache-manifest htdocs $^
+
+htdocs/app/cache-manifest.cmf: htdocs/app/cache-template.cmf ${minified} ${js_minified}
+ ../../modules/http/cache-manifest htdocs/app $^
+
+nuvem:
+ ln -s "../../../nuvem/nuvem-parallel/nuvem" "nuvem"
+
+lib:
+ ln -s "../../components" "lib"
+
+install-data-hook:
+ cd $(moddir); rm -f nuvem; ln -s "../../../nuvem/nuvem-parallel/nuvem" "nuvem"
+ cd $(moddir); rm -f lib; ln -s "../../components" "lib"
+
+CLEANFILES = ${minified} nuvem lib htdocs/cache-manifest.cmf htdocs/app/cache-manifest.cmf
+
+client_test_SOURCES = client-test.cpp
+client_test_LDFLAGS = -lxml2 -lcurl -lmozjs
-dist_noinst_SCRIPTS = server-test test.py
-TESTS = server-test
+dist_noinst_SCRIPTS = logic-test server-test test.py
+noinst_PROGRAMS = client-test
+TESTS = logic-test
endif
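Review bot: In `install-data-hook` both recipe lines use `cd $(moddir); rm -f ...; ln -s ...`, so if the `cd` fails the `rm -f` and `ln -s` still run in whatever directory make happens to be in. The path also omits `$(DESTDIR)`, so a staged install (`make DESTDIR=... install`) would modify the live prefix rather than the staging tree. Chain the commands and prefix the directory: `cd "$(DESTDIR)$(moddir)" && rm -f nuvem && ln -s "../../../nuvem/nuvem-parallel/nuvem" nuvem`, and likewise for `lib`. `TESTS` also drops `server-test` in favour of `logic-test`, so the server test no longer runs under `make check`; a short comment would help if that is intended.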
diff --git a/sca-cpp/trunk/hosting/server/authn.py b/sca-cpp/trunk/hosting/server/authn.py
new file mode 100644
index 0000000000..4d4f34b9fb
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/authn.py
@@ -0,0 +1,40 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# User authenticator implementation
+from time import strftime
+from util import *
+
+# Convert a particular user id to an authentication id
+def authnid(id):
+ return append(append(('authn',), id), ('user.authn',))
+
+# Get a user's authentication
+def get(id, cache):
+ authn = cache.get(authnid(id))
+ if isNil(authn) or authn is None:
+ return None
+ return authn
+
+# Update a user's authentication
+def put(id, authn, cache):
+ return cache.put(authnid(id), authn)
+
+# Delete a user's authentication
+def delete(id, cache):
+ return cache.delete(authnid(id))
+
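Review bot: `put` stores whatever `authn` value it is handed, and `authnid` appends the caller-supplied `id` to the cache key unchecked, so nothing in this file restricts who may change a user's credentials or what an entry must contain. The only gate visible in this commit is the `<Location /c>` `Require user admin` rule that ssl-start writes. I would state that dependency in the header comment, e.g. `# Access control is enforced by the HTTPD config (Require user admin on /c); this component performs none itself`. I would also reject an `id` with empty, `.` or `..` elements before building the key, because server.composite wires the Cache to a file-backed database; whether filedb normalises keys is not visible here. `from time import strftime` is unused and can be removed.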
diff --git a/sca-cpp/trunk/hosting/server/data/accounts/admin/user.account b/sca-cpp/trunk/hosting/server/data/accounts/admin/user.account
new file mode 100644
index 0000000000..4f4a754a92
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/data/accounts/admin/user.account
@@ -0,0 +1 @@
+((entry (title "Admin") (id "admin")))
diff --git a/sca-cpp/trunk/hosting/server/data/accounts/jane/user.account b/sca-cpp/trunk/hosting/server/data/accounts/jane/user.account
new file mode 100644
index 0000000000..a3cf7e2c3d
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/data/accounts/jane/user.account
@@ -0,0 +1 @@
+((entry (title "Jane Doe") (id "jane") (content (account (description "This is Jane") (keys (key (((@name "key1") (@value "value1")) ((@name "key2") (@value "value2")) ((@name "key3") (@value "value3")) ((@name "") (@value "")) ((@name "") (@value "")))))))))
diff --git a/sca-cpp/trunk/hosting/server/data/accounts/jane@localhost/user.account b/sca-cpp/trunk/hosting/server/data/accounts/jane@localhost/user.account
deleted file mode 100644
index 5fca389f04..0000000000
--- a/sca-cpp/trunk/hosting/server/data/accounts/jane@localhost/user.account
+++ /dev/null
@@ -1 +0,0 @@
-((entry (title "Jane Doe") (id "jane@localhost")))
diff --git a/sca-cpp/trunk/hosting/server/data/accounts/jane@sca-store.com/user.account b/sca-cpp/trunk/hosting/server/data/accounts/jane@sca-store.com/user.account
deleted file mode 100644
index e0d25671b6..0000000000
--- a/sca-cpp/trunk/hosting/server/data/accounts/jane@sca-store.com/user.account
+++ /dev/null
@@ -1 +0,0 @@
-((entry (title "Jane Doe") (id "jane@sca-store.com") (content (account (description "This is Jane") (keys (key (((@name "key1") (@value "value1")) ((@name "key2") (@value "value2")) ((@name "key3") (@value "value3")) ((@name "") (@value "")) ((@name "") (@value ""))))))))) \ No newline at end of file
diff --git a/sca-cpp/trunk/hosting/server/data/accounts/john/user.account b/sca-cpp/trunk/hosting/server/data/accounts/john/user.account
new file mode 100644
index 0000000000..9989daa228
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/data/accounts/john/user.account
@@ -0,0 +1 @@
+((entry (title "John Doe") (id "john") (content (account (description "This is John") (keys (key (((@name "key1") (@value "value1")) ((@name "key2") (@value "value2")) ((@name "key3") (@value "value3")) ((@name "key4") (@value "value4")) ((@name "key5") (@value "value5")))))))))
diff --git a/sca-cpp/trunk/hosting/server/data/accounts/john@localhost/user.account b/sca-cpp/trunk/hosting/server/data/accounts/john@localhost/user.account
deleted file mode 100644
index 35d6f30f0b..0000000000
--- a/sca-cpp/trunk/hosting/server/data/accounts/john@localhost/user.account
+++ /dev/null
@@ -1 +0,0 @@
-((entry (title "John Doe") (id "john@localhost")))
diff --git a/sca-cpp/trunk/hosting/server/data/accounts/john@sca-store.com/user.account b/sca-cpp/trunk/hosting/server/data/accounts/john@sca-store.com/user.account
deleted file mode 100644
index 273335e1c7..0000000000
--- a/sca-cpp/trunk/hosting/server/data/accounts/john@sca-store.com/user.account
+++ /dev/null
@@ -1 +0,0 @@
-((entry (title "John Doe") (id "john@sca-store.com") (content (account (description "This is John") (keys (key (((@name "key1") (@value "value1")) ((@name "key2") (@value "value2")) ((@name "key3") (@value "value3")) ((@name "key4") (@value "value4")) ((@name "key5") (@value "value5"))))))))) \ No newline at end of file
diff --git a/sca-cpp/trunk/hosting/server/delete-auth b/sca-cpp/trunk/hosting/server/delete-auth
new file mode 100755
index 0000000000..407d730c80
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/delete-auth
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
+mkdir -p $1
+root=`echo "import os; print os.path.realpath('$1')" | python`
+admin=$2
+apass=$3
+user=$4
+
+httpd_prefix=`cat $here/../../modules/http/httpd.prefix`
+
+conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
+sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"`
+if [ "$sslconf" = "" ]; then
+ scheme="http"
+ addr=`echo $conf | awk '{ print $7 }'`
+ host=`$here/../../modules/http/httpd-addr ip $addr`
+ if [ "$host" = "" ]; then
+ host="localhost"
+ fi
+ port=`$here/../../modules/http/httpd-addr port $addr`
+else
+ scheme="https"
+ ssladdr=`echo $sslconf | awk '{ print $6 }'`
+ host=`$here/../../modules/http/httpd-addr ip $ssladdr`
+ if [ "$host" = "" ]; then
+ host="localhost"
+ fi
+ port=`$here/../../modules/http/httpd-addr port $ssladdr`
+fi
+
+# Compute user id
+slash=`echo $user | grep "/"`
+if [ "$slash" = "" ]; then
+ id="\"$user\""
+ upath=$user
+else
+ id=`echo $user | awk -F "/" '{ printf "\"%s\" \"%s\"", $2, $3 }'`
+ upath=`echo $user | awk -F "/" '{ printf "%s/%s", $2, $3 }'`
+fi
+
+# Delete user auth
+curl -k -L -u $admin:$apass -X DELETE -H "X-Forwarded-Server: $host" $scheme://$host:$port/c/Authenticator/$upath
+
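Review bot: The final `curl` line passes `-k`, which turns off certificate verification for the request carrying the admin password in `-u $admin:$apass`, and when no httpd-ssl-conf marker is found the same credentials go over plain `http`; get-auth and put-auth end with the same call. Drop `-k` and point curl at the generated CA instead, e.g. `curl --cacert "$root/<ca-cert-path>" -L -u "$admin:$apass" ...` (placeholder path; the certificate location is not visible in this diff). The password is also a command-line argument to both the script and curl, so it shows up in the process list; reading it from stdin or a mode-0600 file avoids that. `'$0'` and `'$1'` are pasted into Python source on the first lines, so a path containing a single quote changes the program that runs; passing the path as an argument and reading `sys.argv[1]` is safer. `httpd_prefix` and `id` are assigned but never used in this script.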
diff --git a/sca-cpp/trunk/hosting/server/get-auth b/sca-cpp/trunk/hosting/server/get-auth
new file mode 100755
index 0000000000..2be546f91f
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/get-auth
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
+mkdir -p $1
+root=`echo "import os; print os.path.realpath('$1')" | python`
+admin=$2
+apass=$3
+user=$4
+
+httpd_prefix=`cat $here/../../modules/http/httpd.prefix`
+
+conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
+
+sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"`
+if [ "$sslconf" = "" ]; then
+ scheme="http"
+ addr=`echo $conf | awk '{ print $7 }'`
+ host=`$here/../../modules/http/httpd-addr ip $addr`
+ if [ "$host" = "" ]; then
+ host="localhost"
+ fi
+ port=`$here/../../modules/http/httpd-addr port $addr`
+else
+ scheme="https"
+ ssladdr=`echo $sslconf | awk '{ print $6 }'`
+ host=`$here/../../modules/http/httpd-addr ip $ssladdr`
+ if [ "$host" = "" ]; then
+ host="localhost"
+ fi
+ port=`$here/../../modules/http/httpd-addr port $ssladdr`
+fi
+
+# Compute user id
+slash=`echo $user | grep "/"`
+if [ "$slash" = "" ]; then
+ id="\"$user\""
+ upath=$user
+else
+ id=`echo $user | awk -F "/" '{ printf "\"%s\" \"%s\"", $2, $3 }'`
+ upath=`echo $user | awk -F "/" '{ printf "%s/%s", $2, $3 }'`
+fi
+
+# Get user auth
+curl -k -L -u $admin:$apass -H "X-Forwarded-Server: $host" $scheme://$host:$port/c/Authenticator/$upath
+
diff --git a/sca-cpp/trunk/hosting/server/put-auth b/sca-cpp/trunk/hosting/server/put-auth
new file mode 100755
index 0000000000..351c9b7d7a
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/put-auth
@@ -0,0 +1,80 @@
+#!/bin/sh
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
+mkdir -p $1
+root=`echo "import os; print os.path.realpath('$1')" | python`
+admin=$2
+apass=$3
+user=$4
+upass=$5
+
+httpd_prefix=`cat $here/../../modules/http/httpd.prefix`
+
+conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
+sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"`
+if [ "$sslconf" = "" ]; then
+ scheme="http"
+ addr=`echo $conf | awk '{ print $7 }'`
+ host=`$here/../../modules/http/httpd-addr ip $addr`
+ if [ "$host" = "" ]; then
+ host="localhost"
+ fi
+ port=`$here/../../modules/http/httpd-addr port $addr`
+else
+ scheme="https"
+ ssladdr=`echo $sslconf | awk '{ print $6 }'`
+ host=`$here/../../modules/http/httpd-addr ip $ssladdr`
+ if [ "$host" = "" ]; then
+ host="localhost"
+ fi
+ port=`$here/../../modules/http/httpd-addr port $ssladdr`
+fi
+
+# Get password hash
+rm -f $root/conf/auth.passwd
+touch $root/conf/auth.passwd
+$httpd_prefix/bin/htpasswd -b $root/conf/auth.passwd "$user" "$upass" 2>/dev/null
+hash=`cat $root/conf/auth.passwd | awk -F ":" '{ print $2 }'`
+rm -f $root/conf/auth.passwd
+
+# Compute user id
+slash=`echo $user | grep "/"`
+if [ "$slash" = "" ]; then
+ id="\"$user\""
+ upath=$user
+else
+ id=`echo $user | awk -F "/" '{ printf "\"%s\" \"%s\"", $2, $3 }'`
+ upath=`echo $user | awk -F "/" '{ printf "%s/%s", $2, $3 }'`
+fi
+
+# Put user auth
+cat >$root/conf/auth.entry <<EOF
+<?xml version="1.0" encoding="UTF-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom">
+ <title type="text">$user</title>
+ <id>$user</id>
+ <content type="application/xml">
+ <hash>$hash</hash>
+ </content>
+</entry>
+EOF
+curl -k -L -u $admin:$apass -X PUT -H "X-Forwarded-Server: $host" --data-binary @$root/conf/auth.entry $scheme://$host:$port/c/Authenticator/$upath
+rm $root/conf/auth.entry
+
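Review bot: The "Get password hash" block discards htpasswd's stderr and never checks its exit status, so when htpasswd fails (for example on a user name containing `:`) `hash` is empty and the script still PUTs an entry with `<hash></hash>` for that user. How the authenticator treats an empty hash is not visible here. The block also writes the hash to the fixed path `$root/conf/auth.passwd` under the default umask, which races with a concurrent put-auth run. htpasswd can print to stdout instead: `hash=$($httpd_prefix/bin/htpasswd -nb "$user" "$upass" | awk -F: 'NR==1 { print $2 }')` followed by `[ -n "$hash" ] || exit 1`. `$user` is copied unescaped into the Atom `<title>` and `<id>`, so a name containing `<` or `&` produces malformed XML; escape it or reject such names first.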
diff --git a/sca-cpp/trunk/hosting/server/server.composite b/sca-cpp/trunk/hosting/server/server.composite
index 0806a2fa4b..7e4d7196d0 100644
--- a/sca-cpp/trunk/hosting/server/server.composite
+++ b/sca-cpp/trunk/hosting/server/server.composite
@@ -31,12 +31,9 @@
<property name="lastname">?</property>
<property name="realm">?</property>
<property name="host">?</property>
- <service name="User">
- <binding.http uri="user"/>
- </service>
</component>
- <component name="EditWidget">
+ <component name="Editor">
<implementation.widget location="/index.html"/>
<reference name="user" target="User"/>
<reference name="accounts" target="Accounts"/>
@@ -49,7 +46,7 @@
<reference name="log" target="Log"/>
</component>
- <component name="AppWidget">
+ <component name="App">
<implementation.widget location="/app/index.html"/>
<reference name="user" target="User"/>
<reference name="pages" target="Pages"/>
@@ -59,18 +56,17 @@
<component name="Accounts">
<implementation.python script="accounts.py"/>
- <service name="Accounts">
- <binding.http uri="accounts"/>
- </service>
<reference name="user" target="User"/>
<reference name="cache" target="Cache"/>
</component>
+ <component name="Authenticator">
+ <implementation.python script="authn.py"/>
+ <reference name="cache" target="Cache"/>
+ </component>
+
<component name="Dashboards">
<implementation.python script="dashboards.py"/>
- <service name="Dashboards">
- <binding.http uri="dashboards"/>
- </service>
<reference name="user" target="User"/>
<reference name="cache" target="Cache"/>
<reference name="apps" target="Apps"/>
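Review bot: The new `Authenticator` component is wired to the same `Cache` as `Accounts`, `Dashboards`, `AppStore` and `Apps`, so the password hashes that authn.py writes under the `authn` key prefix share a memcached tier and the `data` file database with application data. Any component holding a `cache` reference can presumably read or overwrite them. A dedicated cache/database pair referenced only by `Authenticator` would keep a least-privilege boundary around credentials. If the sharing is deliberate, a comment on the component such as `<!-- credentials share the application cache; access is restricted at the HTTPD layer -->` would record that. The composite continues outside this hunk, so other wiring may already cover this.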
@@ -78,9 +74,6 @@
<component name="AppStore">
<implementation.python script="store.py"/>
- <service name="AppStore">
- <binding.http uri="appstore"/>
- </service>
<reference name="user" target="User"/>
<reference name="cache" target="Cache"/>
<reference name="apps" target="Apps"/>
@@ -88,9 +81,6 @@
<component name="Apps">
<implementation.python script="apps.py"/>
- <service name="Apps">
- <binding.http uri="apps"/>
- </service>
<reference name="user" target="User"/>
<reference name="cache" target="Cache"/>
<reference name="dashboard" target="Dashboards"/>
@@ -101,9 +91,6 @@
<component name="Composites">
<implementation.python script="composites.py"/>
- <service name="Composites">
- <binding.http uri="composites"/>
- </service>
<reference name="user" target="User"/>
<reference name="cache" target="Doccache"/>
<reference name="apps" target="Apps"/>
@@ -111,9 +98,6 @@
<component name="Pages">
<implementation.python script="pages.py"/>
- <service name="Pages">
- <binding.http uri="pages"/>
- </service>
<reference name="user" target="User"/>
<reference name="cache" target="Doccache"/>
<reference name="apps" target="Apps"/>
@@ -121,17 +105,11 @@
<component name="Palettes">
<implementation.python script="palettes.py"/>
- <service name="Palettes">
- <binding.http uri="palettes"/>
- </service>
<reference name="cache" target="Doccache"/>
</component>
<component name="Cache">
<implementation.cpp path="../../components/cache" library="libdatacache"/>
- <service name="Cache">
- <binding.http uri="cache"/>
- </service>
<reference name="l1reader" target="Memcache"/>
<reference name="l1writer" target="Memcache"/>
<reference name="l2reader" target="Database"/>
@@ -140,9 +118,6 @@
<component name="Doccache">
<implementation.cpp path="../../components/cache" library="libdatacache"/>
- <service name="Doccache">
- <binding.http uri="doccache"/>
- </service>
<reference name="l1reader" target="Memcache"/>
<reference name="l1writer" target="Memcache"/>
<reference name="l2reader" target="Documents"/>
@@ -151,9 +126,6 @@
<component name="Memcache">
<implementation.cpp path="../../components/cache" library="libmemcache"/>
- <service name="Memcache">
- <binding.http uri="memcache"/>
- </service>
<property name="server">localhost:11211</property>
<property name="server">localhost:11212</property>
</component>
@@ -162,25 +134,16 @@
<implementation.cpp path="../../components/filedb" library="libfiledb"/>
<property name="dbname">data</property>
<property name="format">scheme</property>
- <service name="Database">
- <binding.http uri="database"/>
- </service>
</component>
<component name="Documents">
<implementation.cpp path="../../components/filedb" library="libfiledb"/>
<property name="dbname">data</property>
<property name="format">xml</property>
- <service name="Documents">
- <binding.http uri="documents"/>
- </service>
</component>
<component name="Log">
<implementation.python script="log.py"/>
- <service name="Log">
- <binding.http uri="log"/>
- </service>
</component>
</composite>
diff --git a/sca-cpp/trunk/hosting/server/ssl-start b/sca-cpp/trunk/hosting/server/ssl-start
index b80b2adf40..d699089847 100755
--- a/sca-cpp/trunk/hosting/server/ssl-start
+++ b/sca-cpp/trunk/hosting/server/ssl-start
@@ -22,7 +22,6 @@
# 127.0.0.1 www.example.com
here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
-jsprefix=`echo "import os; print os.path.realpath('$here/../../modules/js')" | python`
host=`hostname`
# Create SSL certificates
@@ -41,39 +40,33 @@ fi
../../components/cache/memcached-start tmp 11211
../../components/cache/memcached-start tmp 11212
+# Clear document cache
+rm -rf tmp/cache
+
# Configure server
../../modules/http/httpd-conf tmp www.example.com 8090 htdocs
+../../modules/http/alt-host-conf tmp ww1.example.com
+../../modules/http/alt-host-conf tmp ww2.example.com
../../modules/http/httpd-event-conf tmp
+#../../modules/http/cache-conf tmp
../../modules/http/httpd-ssl-conf tmp 8453
+#../../modules/http/cache-ssl-conf tmp
# Configure HTTP basic auth
-../../modules/http/basic-auth-conf tmp
+../../modules/http/basic-auth-conf tmp component
# Configure OAuth authentication
# Configure your OAuth app keys here
-../../modules/oauth/oauth-conf tmp
+../../modules/oauth/oauth-conf tmp component
../../modules/oauth/oauth-memcached-conf tmp localhost 11212
../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890
../../modules/oauth/oauth2-appkey-conf tmp google.com 12345 67890
-# Configure password authentication
-../../modules/http/open-auth-conf tmp
-../../modules/http/passwd-auth-conf tmp john john
-../../modules/http/passwd-auth-conf tmp jane jane
-../../modules/http/passwd-auth-conf tmp admin admin
-
-# Configure OpenID step2 authentication
-../../modules/openid/openid-conf tmp
-../../modules/openid/openid-step2-conf tmp
-../../modules/openid/openid-memcached-conf tmp localhost 11212
+# Configure form-based authentication
+../../modules/http/open-auth-conf tmp component 80b67f38-b79e-4a72-bb5c-22c69fb00820
-# Configure authorized users
-../../modules/http/group-auth-conf tmp john
-../../modules/http/group-auth-conf tmp jane
-../../modules/http/group-auth-conf tmp admin
-# Configure the email addresses associated with your OpenID and OAuth ids here
-../../modules/http/group-auth-conf tmp john@example.com
-../../modules/http/group-auth-conf tmp jane@example.com
+# Configure authorized admins
+../../modules/http/passwd-auth-conf tmp admin admin
# Configure mod-security
#../../modules/http/mod-security-conf tmp
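Review bot: The `open-auth-conf` line hard-codes `80b67f38-b79e-4a72-bb5c-22c69fb00820` as its last argument; this looks like the secret protecting the form-auth session (inferred from its position, confirm against open-auth-conf). If so, every server started from this script shares a value that is public in the repository. Take it from the environment or generate it at start, e.g. `../../modules/http/open-auth-conf tmp component "$AUTH_SECRET"` (placeholder variable name), and stop if it is unset. The `passwd-auth-conf tmp admin admin` line keeps the admin/admin default, which after this commit is the account allowed on `/c` and `/r`; a comment marking both values as sample-only would keep them from being copied into a real deployment.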
@@ -103,26 +96,6 @@ SecAuditLog "|$here/../../components/log/scribe-cat $host secaudit"
EOF
-else
- cat >tmp/conf/log.conf <<EOF
-# Generated by: ssl=start $*
-ErrorLog $here/tmp/logs/error_log
-CustomLog $here/tmp/logs/access_log combined
-
-EOF
-
- cat >tmp/conf/log-ssl.conf <<EOF
-# Generated by: ssl-start $*
-CustomLog $here/tmp/logs/ssl_access_log sslcombined
-
-EOF
-
- cat >tmp/conf/mod-security-log.conf <<EOF
-# Generated by: ssl-start $*
-SecAuditLog $here/tmp/logs/secaudit_log
-
-EOF
-
fi
#../../modules/http/httpd-loglevel-conf tmp debug
@@ -143,10 +116,11 @@ cat >>tmp/conf/svhost-ssl.conf <<EOF
ErrorDocument 404 /public/notfound/
ErrorDocument 401 /public/notauth/
ErrorDocument 403 /public/notauth/
+ErrorDocument 400 /public/oops/
+ErrorDocument 405 /public/oops/
ErrorDocument 500 /public/oops/
ErrorDocument 502 /public/oops/
ErrorDocument 503 /public/oops/
-ErrorDocument 405 /public/oops/
EOF
@@ -160,6 +134,12 @@ SCAComposite server.composite
# Configure SCA Composite for mass dynamic virtual Hosting
SCAVirtualContributor Composites
+# Configure SCA Authenticator component
+SCAAuthenticator Authenticator
+
+# Configure SCA wiring timeout
+SCAWiringTimeout 10
+
EOF
# Configure resource aliases
@@ -172,14 +152,6 @@ Alias /proxy/public/config-min.js $here/public/config-min.js
EOF
-# Create app implementation resource links
-if [ ! -e "nuvem" ]; then
- ln -s "../../../nuvem/nuvem-parallel/nuvem" "nuvem"
-fi
-if [ ! -e "lib" ]; then
- ln -s "../../components" "lib"
-fi
-
# Configure app resource aliases
cat >>tmp/conf/svhost-ssl.conf <<EOF
# Generated by: ssl-start $*
@@ -188,6 +160,49 @@ AliasMatch /v/([^/]+)(.*)$ $here/htdocs/app\$2
EOF
+# Configure admin access to server status and info
+cat >tmp/conf/adminauth.conf <<EOF
+# Generated by: ssl-start $*
+# Allow the server admin to view the server status and info
+<Location /server-status>
+AuthType None
+Require all granted
+</Location>
+
+<Location /server-info>
+AuthType None
+Require all granted
+</Location>
+
+EOF
+
+# Configure admin access to components
+cat >>tmp/conf/locauth-ssl.conf <<EOF
+# Generated by: ssl-start $*
+# Allow the server admin to access all components
+<Location /c>
+Require user admin
+</Location>
+<Location /r>
+Require user admin
+</Location>
+<Location /r/Editor>
+Require valid-user
+</Location>
+<Location /r/App>
+Require valid-user
+</Location>
+EOF
+
# Start server
../../modules/http/httpd-start tmp
+sleep 2
+
+# Configure authorized users
+./put-auth tmp admin admin admin admin
+./put-auth tmp admin admin john john
+./put-auth tmp admin admin jane jane
+# Configure the email addresses associated with your OAuth ids here
+./put-auth tmp admin admin /oauth1/john@example.com password
+./put-auth tmp admin admin /oauth2/jane@example.com password
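Review bot: The generated adminauth.conf is commented "Allow the server admin to view the server status and info", but both `<Location /server-status>` and `<Location /server-info>` are set to `AuthType None` with `Require all granted`. That lets any client read them unless the file is only included in a restricted virtual host, which is not visible in this diff. To match the comment, use `Require user admin` in both blocks as the `/c` and `/r` blocks below do, assuming the basic-auth provider applies to those locations. The `sleep 2` before the `put-auth` calls is a guess at start-up time; if httpd is not ready the sample users are silently not created, so checking curl's exit status or polling the port would be more reliable.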
diff --git a/sca-cpp/trunk/hosting/server/user.py b/sca-cpp/trunk/hosting/server/user.py
index 9be48b33da..8038e43563 100644
--- a/sca-cpp/trunk/hosting/server/user.py
+++ b/sca-cpp/trunk/hosting/server/user.py
@@ -21,9 +21,7 @@
def get(i, user, email, nick, full, first, last, realm, host):
if email.eval() != '?':
return email.eval()
- if nick.eval() != '?':
- return nick.eval() + '@' + realm.eval()
if user.eval() != '?':
- return user.eval() + '@' + realm.eval()
- return 'anonymous@' + host.eval();
+ return user.eval()
+ return 'anonymous'
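Review bot: `get` now returns `user.eval()` without the `@realm` suffix, so the account id no longer records which authentication realm produced it. Unless the auth layer already makes ids unique across providers, a local `john` and a same-named id from another provider would resolve to the same account; the `/oauth1/...` and `/oauth2/...` ids in ssl-start suggest it may, but that is not shown here. A comment above the function saying where uniqueness is guaranteed would settle this, e.g. `# user is already provider-qualified by the authenticator; realm is intentionally not appended`. `email` still takes precedence over `user`, which deserves the same check if the address comes from a third-party provider. `nick`, `realm` and `host` are now unused parameters.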