diff options
Diffstat (limited to 'sca-cpp/trunk/modules/http/httpd-conf')
| -rwxr-xr-x | sca-cpp/trunk/modules/http/httpd-conf | 103 |
1 files changed, 63 insertions, 40 deletions
diff --git a/sca-cpp/trunk/modules/http/httpd-conf b/sca-cpp/trunk/modules/http/httpd-conf index 5d4e9f5485..e7f191ba48 100755 --- a/sca-cpp/trunk/modules/http/httpd-conf +++ b/sca-cpp/trunk/modules/http/httpd-conf @@ -114,29 +114,9 @@ Require all denied </Directory> # Configure authentication +Include conf/noauth.conf Include conf/auth.conf - -# Allow access to public locations -<Location /login> -AuthType None -Require all granted -</Location> -<Location /logout> -AuthType None -Require all granted -</Location> -<Location /public> -AuthType None -Require all granted -</Location> -<Location /favicon.ico> -AuthType None -Require all granted -</Location> -<Location /robots.txt> -AuthType None -Require all granted -</Location> +Include conf/pubauth.conf # Configure output filters to enable compression and rate limiting <Location /> @@ -165,21 +145,6 @@ RewriteRule .* http://$host$pportsuffix%{REQUEST_URI} [R] </Location> Include conf/svhost.conf - -# Allow access to document root -<Directory "$htdocs"> -Options FollowSymLinks -AuthType None -Require all granted -</Directory> - -# Allow access to root location -<Location /> -Options FollowSymLinks -AuthType None -Require all granted -</Location> - </VirtualHost> EOF @@ -245,6 +210,7 @@ LoadModule logio_module ${modules_prefix}/modules/mod_logio.so LoadModule usertrack_module ${modules_prefix}/modules/mod_usertrack.so LoadModule vhost_alias_module ${modules_prefix}/modules/mod_vhost_alias.so LoadModule cgi_module ${modules_prefix}/modules/mod_cgi.so +LoadModule actions_module ${modules_prefix}/modules/mod_actions.so LoadModule unixd_module ${modules_prefix}/modules/mod_unixd.so LoadModule session_module ${modules_prefix}/modules/mod_session.so LoadModule session_crypto_module ${modules_prefix}/modules/mod_session_crypto.so @@ -261,7 +227,7 @@ EOF # Generate auth configuration cat >$root/conf/auth.conf <<EOF # Generated by: httpd-conf $* -# Authentication configuration +# Authentication and authorization configuration # Allow authorized access to document root <Directory "$htdocs"> @@ -273,13 +239,50 @@ Require all granted <Location /> Options FollowSymLinks AuthUserFile "$root/conf/httpd.passwd" +AuthGroupFile "$root/conf/httpd.groups" Require all granted </Location> -# Mark login page with a header +EOF + +cat >$root/conf/pubauth.conf <<EOF +# Generated by: httpd-conf $* +# Allow everyone to access public locations <Location /login> +AuthType None +Require all granted +# Mark login page with a header Header set X-Login open-auth </Location> +<Location /logout> +AuthType None +Require all granted +</Location> +<Location /public> +AuthType None +Require all granted +</Location> +<Location /favicon.ico> +AuthType None +Require all granted +</Location> +<Location /robots.txt> +AuthType None +Require all granted +</Location> + +# Allow the server admin to view the server status and info +<Location /server-status> +SetHandler server-status +HostnameLookups on +Require user admin +</Location> + +<Location /server-info> +SetHandler server-info +HostnameLookups on +Require user admin +</Location> EOF @@ -292,6 +295,26 @@ cat >$root/conf/httpd.groups <<EOF # Generated by: httpd-conf $* EOF + +# Allow public access to server resources +cat >$root/conf/noauth.conf <<EOF +# Generated by: httpd-conf $* +# Allow public access to server resources + +# Allow access to document root +<Directory "$htdocs"> +AuthType None +Require all granted +</Directory> + +# Allow everyone to access root location +<Location /> +AuthType None +Require all granted +</Location> + +EOF + # Generate vhost configuration cat >$root/conf/vhost.conf <<EOF # Generated by: httpd-conf $* @@ -300,7 +323,7 @@ UseCanonicalName Off # Enable HTTP reverse proxy ProxyRequests Off -ProxyPreserveHost Off +ProxyPreserveHost On ProxyStatus On EOF |