diff options
| author | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2010-11-28 07:17:11 +0000 |
|---|---|---|
| committer | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2010-11-28 07:17:11 +0000 |
| commit | 14f1ada7b2bb66c6c3dae496d3963e9af3f0ab38 (patch) | |
| tree | 01d610b53ba9b2088138d057f16ed6e5122cfe36 /sca-cpp/trunk/modules/http/httpd-conf | |
| parent | 6c67a3ca11e4bcd7715d92df2e3e41e4e3fc0dc9 (diff) | |
Use different servers for cert-based and password-based auth and use event MPMs for tunnel and proxy servers.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1039840 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-cpp/trunk/modules/http/httpd-conf')
| -rwxr-xr-x | sca-cpp/trunk/modules/http/httpd-conf | 131 |
1 files changed, 82 insertions, 49 deletions
diff --git a/sca-cpp/trunk/modules/http/httpd-conf b/sca-cpp/trunk/modules/http/httpd-conf index 79a85c0961..a77141af5f 100755 --- a/sca-cpp/trunk/modules/http/httpd-conf +++ b/sca-cpp/trunk/modules/http/httpd-conf @@ -47,54 +47,11 @@ cat >$root/conf/httpd.conf <<EOF ServerName http://$host:$pport PidFile $root/logs/httpd.pid -# Load a minimal set of modules, the load order is important -# (e.g. load mod_headers before mod_rewrite, so its hooks execute -# after mod_rewrite's hooks) -LoadModule alias_module ${modules_prefix}/modules/mod_alias.so -LoadModule authn_file_module ${modules_prefix}/modules/mod_authn_file.so -LoadModule authn_core_module ${modules_prefix}/modules/mod_authn_core.so -LoadModule authz_host_module ${modules_prefix}/modules/mod_authz_host.so -LoadModule authz_groupfile_module ${modules_prefix}/modules/mod_authz_groupfile.so -LoadModule authz_user_module ${modules_prefix}/modules/mod_authz_user.so -LoadModule authz_core_module ${modules_prefix}/modules/mod_authz_core.so -LoadModule auth_basic_module ${modules_prefix}/modules/mod_auth_basic.so -LoadModule auth_digest_module ${modules_prefix}/modules/mod_auth_digest.so -LoadModule auth_form_module ${modules_prefix}/modules/mod_auth_form.so -LoadModule request_module ${modules_prefix}/modules/mod_request.so -LoadModule deflate_module ${modules_prefix}/modules/mod_deflate.so -LoadModule filter_module ${modules_prefix}/modules/mod_filter.so -LoadModule proxy_module ${modules_prefix}/modules/mod_proxy.so -LoadModule proxy_connect_module ${modules_prefix}/modules/mod_proxy_connect.so -LoadModule proxy_http_module ${modules_prefix}/modules/mod_proxy_http.so -LoadModule proxy_balancer_module ${modules_prefix}/modules/mod_proxy_balancer.so -LoadModule lbmethod_byrequests_module ${modules_prefix}/modules/mod_lbmethod_byrequests.so -LoadModule headers_module ${modules_prefix}/modules/mod_headers.so -LoadModule ssl_module ${modules_prefix}/modules/mod_ssl.so -LoadModule socache_shmcb_module ${modules_prefix}/modules/mod_socache_shmcb.so -LoadModule rewrite_module ${modules_prefix}/modules/mod_rewrite.so -LoadModule mime_module ${modules_prefix}/modules/mod_mime.so -LoadModule status_module ${modules_prefix}/modules/mod_status.so -LoadModule asis_module ${modules_prefix}/modules/mod_asis.so -LoadModule negotiation_module ${modules_prefix}/modules/mod_negotiation.so -LoadModule dir_module ${modules_prefix}/modules/mod_dir.so -LoadModule setenvif_module ${modules_prefix}/modules/mod_setenvif.so -<IfModule !log_config_module> -LoadModule log_config_module ${modules_prefix}/modules/mod_log_config.so -</IfModule> -LoadModule logio_module ${modules_prefix}/modules/mod_logio.so -LoadModule usertrack_module ${modules_prefix}/modules/mod_usertrack.so -LoadModule vhost_alias_module ${modules_prefix}/modules/mod_vhost_alias.so -LoadModule cgi_module ${modules_prefix}/modules/mod_cgi.so -LoadModule unixd_module ${modules_prefix}/modules/mod_unixd.so -LoadModule session_module ${modules_prefix}/modules/mod_session.so -#LoadModule session_crypto_module ${modules_prefix}/modules/mod_session_crypto.so -LoadModule session_cookie_module ${modules_prefix}/modules/mod_session_cookie.so -LoadModule slotmem_shm_module ${modules_prefix}/modules/mod_slotmem_shm.so -LoadModule ratelimit_module ${modules_prefix}/modules/mod_ratelimit.so -LoadModule reqtimeout_module ${modules_prefix}/modules/mod_reqtimeout.so +# Load configured MPM +Include conf/mpm.conf -LoadModule mod_tuscany_ssltunnel $here/libmod_tuscany_ssltunnel.so -LoadModule mod_tuscany_openauth $here/libmod_tuscany_openauth.so +# Load required modules +Include conf/modules.conf # Basic security precautions User $user @@ -179,22 +136,98 @@ RewriteCond %{HTTP_HOST} !^$host [NC] RewriteRule .* http://$host:$pport%{REQUEST_URI} [R,L] Include conf/svhost.conf + +# Allow access to document root +<Directory "$htdocs"> +Options FollowSymLinks +AuthType None +Require all granted +</Directory> + +# Allow access to root location +<Location /> +Options FollowSymLinks +AuthType None +Require all granted +</Location> + </VirtualHost> EOF +# Run with the prefork MPM +cat >$root/conf/mpm.conf <<EOF +# Generated by: httpd-conf $* +LoadModule mpm_prefork_module ${modules_prefix}/modules/mod_mpm_prefork.so + +EOF + +# Generate modules list +cat >$root/conf/modules.conf <<EOF +# Generated by: httpd-conf $* +# Load a minimal set of modules, the load order is important +# (e.g. load mod_headers before mod_rewrite, so its hooks execute +# after mod_rewrite's hooks) +LoadModule alias_module ${modules_prefix}/modules/mod_alias.so +LoadModule authn_file_module ${modules_prefix}/modules/mod_authn_file.so +LoadModule authn_core_module ${modules_prefix}/modules/mod_authn_core.so +LoadModule authz_host_module ${modules_prefix}/modules/mod_authz_host.so +LoadModule authz_groupfile_module ${modules_prefix}/modules/mod_authz_groupfile.so +LoadModule authz_user_module ${modules_prefix}/modules/mod_authz_user.so +LoadModule authz_core_module ${modules_prefix}/modules/mod_authz_core.so +LoadModule auth_basic_module ${modules_prefix}/modules/mod_auth_basic.so +LoadModule auth_digest_module ${modules_prefix}/modules/mod_auth_digest.so +LoadModule auth_form_module ${modules_prefix}/modules/mod_auth_form.so +LoadModule request_module ${modules_prefix}/modules/mod_request.so +LoadModule deflate_module ${modules_prefix}/modules/mod_deflate.so +LoadModule filter_module ${modules_prefix}/modules/mod_filter.so +LoadModule proxy_module ${modules_prefix}/modules/mod_proxy.so +LoadModule proxy_connect_module ${modules_prefix}/modules/mod_proxy_connect.so +LoadModule proxy_http_module ${modules_prefix}/modules/mod_proxy_http.so +LoadModule proxy_balancer_module ${modules_prefix}/modules/mod_proxy_balancer.so +LoadModule lbmethod_byrequests_module ${modules_prefix}/modules/mod_lbmethod_byrequests.so +LoadModule headers_module ${modules_prefix}/modules/mod_headers.so +LoadModule ssl_module ${modules_prefix}/modules/mod_ssl.so +LoadModule socache_shmcb_module ${modules_prefix}/modules/mod_socache_shmcb.so +LoadModule rewrite_module ${modules_prefix}/modules/mod_rewrite.so +LoadModule mime_module ${modules_prefix}/modules/mod_mime.so +LoadModule status_module ${modules_prefix}/modules/mod_status.so +LoadModule asis_module ${modules_prefix}/modules/mod_asis.so +LoadModule negotiation_module ${modules_prefix}/modules/mod_negotiation.so +LoadModule dir_module ${modules_prefix}/modules/mod_dir.so +LoadModule setenvif_module ${modules_prefix}/modules/mod_setenvif.so +<IfModule !log_config_module> +LoadModule log_config_module ${modules_prefix}/modules/mod_log_config.so +</IfModule> +LoadModule logio_module ${modules_prefix}/modules/mod_logio.so +LoadModule usertrack_module ${modules_prefix}/modules/mod_usertrack.so +LoadModule vhost_alias_module ${modules_prefix}/modules/mod_vhost_alias.so +LoadModule cgi_module ${modules_prefix}/modules/mod_cgi.so +LoadModule unixd_module ${modules_prefix}/modules/mod_unixd.so +LoadModule session_module ${modules_prefix}/modules/mod_session.so +#LoadModule session_crypto_module ${modules_prefix}/modules/mod_session_crypto.so +LoadModule session_cookie_module ${modules_prefix}/modules/mod_session_cookie.so +LoadModule slotmem_shm_module ${modules_prefix}/modules/mod_slotmem_shm.so +LoadModule ratelimit_module ${modules_prefix}/modules/mod_ratelimit.so +LoadModule reqtimeout_module ${modules_prefix}/modules/mod_reqtimeout.so + +LoadModule mod_tuscany_ssltunnel $here/libmod_tuscany_ssltunnel.so +LoadModule mod_tuscany_openauth $here/libmod_tuscany_openauth.so + +EOF + # Generate auth configuration cat >$root/conf/auth.conf <<EOF # Generated by: httpd-conf $* # Authentication configuration -# Allow access to document root +# Allow authorized access to document root <Directory "$htdocs"> Options FollowSymLinks Require all granted </Directory> -# Allow access to root location +# Allow authorized access to root location <Location /> Options FollowSymLinks Require all granted |