--- loncom/loncapa_apache.conf 2013/12/06 14:48:00 1.226
+++ loncom/loncapa_apache.conf 2023/07/07 03:52:39 1.281
@@ -2,7 +2,7 @@
## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
##
-# $Id: loncapa_apache.conf,v 1.226 2013/12/06 14:48:00 raeburn Exp $
+# $Id: loncapa_apache.conf,v 1.281 2023/07/07 03:52:39 raeburn Exp $
#
# LON-CAPA Section (extensions to httpd.conf daemon configuration)
@@ -30,7 +30,7 @@ PerlSetVar MODPERL2 1
# =============================================================== Miscellaneous
-ServerAdmin korte@lite.msu.edu
+ServerAdmin consortium@loncapa.org
ExtendedStatus On
#
# LON-CAPA Section (extensions to srm.conf name space servicing)
@@ -64,11 +64,11 @@ PerlSetVar lonOtherAuthen no
#PerlWarn On
-PerlAuthenHandler 'sub { return OK }'
+PerlAuthzHandler 'sub { return OK }'
# Send proper expires header to avoid unnecessary HTTP request for static content
-
+
ExpiresActive On
ExpiresDefault "access plus 12 hours"
Header set Cache-Control "public, no-transform"
@@ -131,6 +131,7 @@ ErrorDocument 500 /adm/errorhandler
+Options +FollowSymLinks -Includes
PerlAccessHandler Apache::lontokacc
PerlCleanupHandler Apache::lontokacc::removefile
PerlCleanupHandler Apache::lonacc::cleanup
@@ -149,6 +150,10 @@ ErrorDocument 406 /adm/roles
ErrorDocument 500 /adm/errorhandler
+
+ Options +FollowSymLinks -Includes
+
+
AuthType LONCAPA
Require valid-user
@@ -270,6 +275,43 @@ ErrorDocument 406 /adm/notinit.html
ErrorDocument 500 /adm/errorhandler
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonslotcheck
+PerlHandler Apache::londatecheck
+PerlHandler Apache::lonipcheck
+PerlHandler Apache::lonexttool
+ErrorDocument 404 /adm/notfound.html
+ErrorDocument 406 /adm/notinit.html
+ErrorDocument 500 /adm/errorhandler
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonplacementtest
+ErrorDocument 404 /adm/notfound.html
+ErrorDocument 406 /adm/notinit.html
+ErrorDocument 500 /adm/errorhandler
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonexturlcheck
+ErrorDocument 403 /adm/login
+ErrorDocument 404 /adm/notfound.html
+ErrorDocument 406 /adm/unauthorized
+ErrorDocument 500 /adm/errorhandler
+
+
AuthType LONCAPA
Require valid-user
@@ -281,7 +323,7 @@ ErrorDocument 406 /adm/unauthorized
ErrorDocument 500 /adm/errorhandler
-
+
AuthType Basic
@@ -416,8 +458,8 @@ ErrorDocument 413 /adm/overloaded.tx
AuthType LONCAPA
Require valid-user
-SetHandler perl-script
PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
PerlHandler Apache::lonmeta
@@ -445,6 +487,94 @@ SetHandler perl-script
PerlHandler Apache::lonxml
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::loncacc
+ErrorDocument 403 /adm/login
+ErrorDocument 404 /adm/notfound.html
+ErrorDocument 406 /adm/unauthorized
+ErrorDocument 500 /adm/errorhandler
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+ErrorDocument 403 /adm/login
+ErrorDocument 404 /adm/notfound.html
+ErrorDocument 406 /adm/unauthorized
+ErrorDocument 500 /adm/errorhandler
+
+
+
+SetHandler perl-script
+PerlHandler Apache::daxepage
+
+
+
+SetHandler perl-script
+PerlHandler Apache::daxepage
+
+
+
+SetHandler perl-script
+PerlHandler Apache::daxeopen
+
+
+
+SetHandler perl-script
+PerlHandler Apache::daxeopen
+
+
+
+SetHandler perl-script
+PerlHandler Apache::daxeopen
+
+
+
+SetHandler perl-script
+PerlHandler Apache::daxeopen
+
+
+
+
+ RewriteEngine on
+ RewriteRule /daxeopen/(.*) /$1
+
+
+
+
+
+ RewriteEngine on
+ RewriteRule /daxeopen/(.*) /$1
+
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::daxesave
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::loncoursepub
+ErrorDocument 404 /adm/notfound.html
+ErrorDocument 500 /adm/errorhandler
+
+
AuthType LONCAPA
Require valid-user
@@ -636,17 +766,69 @@ ErrorDocument 406 /adm/roles
ErrorDocument 500 /adm/errorhandler
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::loncourseauthor
+ErrorDocument 403 /adm/login
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::loncourseuser
+ErrorDocument 403 /adm/login
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+
+
SetHandler perl-script
PerlHandler Apache::lonlogin
+
+SetHandler perl-script
+PerlHandler Apache::ltiauth
+
+
+
+SetHandler perl-script
+PerlHandler Apache::lonrelaunch
+
+
+
+SetHandler perl-script
+PerlHandler Apache::ltiauth
+
+
+
+SetHandler perl-script
+PerlHandler Apache::ltipassback
+
+
+
+SetHandler perl-script
+PerlHandler Apache::ltiroster
+
+
+
+SetHandler perl-script
+PerlHandler Apache::ltilogout
+
+
PerlAccessHandler Apache::publiccheck
AuthType LONCAPA
Require valid-user
-SetHandler perl-script
PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
PerlHandler Apache::restrictedaccess
ErrorDocument 500 /adm/errorhandler
@@ -655,12 +837,23 @@ ErrorDocument 500 /adm/errorhandler
PerlAccessHandler Apache::publiccheck
AuthType LONCAPA
Require valid-user
-SetHandler perl-script
PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
PerlHandler Apache::blockedaccess
ErrorDocument 500 /adm/errorhandler
+
+PerlAccessHandler Apache::publiccheck
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonprotected
+ErrorDocument 403 /adm/login
+ErrorDocument 500 /adm/errorhandler
+
+
AuthType LONCAPA
Require valid-user
@@ -693,6 +886,7 @@ PerlHandler Apache::migrateuser
+ Header set Cache-Control "private,no-store,no-cache,max-age=0"
AuthType shibboleth
ShibUseEnvironment On
@@ -701,12 +895,25 @@ PerlHandler Apache::migrateuser
require valid-user
PerlAuthzHandler Apache::lonshibacc
PerlAuthzHandler Apache::lonacc
+ ErrorDocument 403 /adm/login
+ ErrorDocument 500 /adm/errorhandler
PerlTypeHandler Apache::lonnoshib
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonlinkexit
+ErrorDocument 403 /adm/login
+ErrorDocument 409 /adm/preferences?action=lockwarning
+ErrorDocument 500 /adm/errorhandler
+
+
AuthType LONCAPA
Require valid-user
@@ -717,6 +924,16 @@ ErrorDocument 403 /adm/login
ErrorDocument 500 /adm/errorhandler
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::admannotations
+ErrorDocument 403 /adm/login
+ErrorDocument 500 /adm/errorhandler
+
+
AuthType LONCAPA
Require valid-user
@@ -1312,6 +1529,7 @@ PerlHandler Apache::groupsort
PerlCleanupHandler Apache::groupsort::cleanup
PerlCleanupHandler Apache::lonacc::cleanup
ErrorDocument 403 /adm/login
+ErrorDocument 406 /adm/roles
ErrorDocument 500 /adm/errorhandler
@@ -1346,6 +1564,17 @@ SetHandler perl-script
PerlHandler Apache::lonblockingstatus
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonaccesstimes
+ErrorDocument 403 /adm/login
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+
+
SetHandler perl-script
PerlHandler Apache::lonerrorhandler
@@ -1426,7 +1655,16 @@ SetHandler perl-script
PerlHandler Apache::spellcheck
-
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lontiny
+ErrorDocument 403 /adm/login
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+
# ------------------------------------------------- Backdoor Adm Tests/Programs
@@ -1462,7 +1700,7 @@ AllowOverride None
# Allow uploaded files to be served
-Options Includes FollowSymLinks
+Options FollowSymLinks
AllowOverride None
Require all granted
@@ -1473,24 +1711,10 @@ AllowOverride None
-# Allow construction space files to be served
-
-
-Options Includes FollowSymLinks
-AllowOverride
-
- Require all granted
-
-
- order allow,deny
- allow from all
-
-
-
# Yes to symbolic links and server-side includes
-Options Includes FollowSymLinks
+Options FollowSymLinks
AllowOverride None
Require all granted
@@ -1518,7 +1742,7 @@ Options ExecCGI FollowSymLinks
# Allow serving of files in prtspool
-Options Includes FollowSymLinks
+Options FollowSymLinks
AllowOverride None
Require all granted
@@ -1532,7 +1756,7 @@ AllowOverride None
# Allow serving of files in zipspool
-Options Includes FollowSymLinks
+Options FollowSymLinks
AllowOverride None
Require all granted
@@ -1546,7 +1770,7 @@ AllowOverride None
# Allow serving of files in captchaspool
-Options Includes FollowSymLinks
+Options FollowSymLinks
AllowOverride None
Require all granted
@@ -1557,6 +1781,14 @@ AllowOverride None
+
+ DirectoryIndex disabled
+
+
+
+ DirectoryIndex disabled
+
+
# ============================================================= Access Handlers
# ------------------------------------------------- Allow server-status reports
@@ -1591,12 +1823,13 @@ Options Indexes FollowSymLinks
PerlSetVar lonVersion ''
PerlSetVar lonIDsDir /home/httpd/lonIDs
+PerlSetVar lonBalanceDir /home/httpd/balanceIDs
PerlSetVar lonDAVsessDir /home/httpd/webdav/sessionIDs
PerlSetVar lonTabDir /home/httpd/lonTabs
PerlSetVar lonUsersDir /home/httpd/lonUsers
PerlSetVar lonIconsURL /adm/lonIcons
PerlSetVar londPort 5663
-PerlSetVar lonSysEMail korte@lite.msu.edu
+PerlSetVar lonSysEMail techsupport@loncapa.org
PerlSetVar lonDaemons /home/httpd/perl
PerlSetVar lonLib /home/httpd/lib
PerlSetVar lonSockDir /home/httpd/sockets
@@ -1607,8 +1840,10 @@ PerlSetVar lonIncludes /home/http
PerlSetVar lonZipDir /home/httpd/zipspool
PerlSetVar lonCaptchaDir /home/httpd/captchaspool
PerlSetVar lonCaptchaDb /home/httpd/captchadb
+PerlSetVar lonLTIDir /home/httpd/lonLTItmp
+PerlSetVar ltiIDsDir /home/httpd/ltiIDs
PerlSetVar lonFontsDir /home/httpd/html/adm/fonts
-# & separated list of : separated fields in order of
+# & separated list of % separated fields in order of
# - internal name to call it,
# - regexp that it should match (done case-insensitively)
# - regexp that is should not match (done case-insensitively)
@@ -1616,12 +1851,12 @@ PerlSetVar lonFontsDir /home/h
# - a number that describes the minimum version that has mathml support
# - a number that describes the minimum number version that has unicode support
-PerlSetVar lonBrowsDet explorer:msie:netscape:msie\s(\d+\.\d+)\;:9999:5&mozilla:mozilla\/[5-9]:msie:mozilla\/(\d+\.\d+)\s:9999:1&netscape:netscape:msie:netscape\/(\d+\.\d+):9999:7&netscape:netscape\/[7-9]:shouldnotmatch:netscape\/(\d+\.\d+):9999:7&amaya:amaya:mozilla:V(\d+\.\d+)\s:1:1&safari:safari:msie:safari\/([\d\.]+):9999:84&chrome:chrome:chromeframe:\s+chrome\/(\d+\.\d+):9999:1
+PerlSetVar lonBrowsDet explorer%msie%netscape%msie\s(\d+\.\d+)\;%9999%5&mozilla%mozilla\/[5-9]%msie%mozilla\/(\d+\.\d+)\s%9999%1&netscape%netscape%msie%netscape\/(\d+\.\d+)%9999%7&netscape%netscape\/[7-9]%shouldnotmatch%netscape\/(\d+\.\d+)%9999%7&amaya%amaya%mozilla%V(\d+\.\d+)\s%1%1&safari%safari%msie%safari\/([\d\.]+)%9999%84&chrome%chrome%chromeframe%\s+chrome\/(\d+\.\d+)%9999%1&explorer%\s+rv\:\d+\.\d+%firefox%\s+rv\:(\d+\.\d+)%9999%5&opera%\sOPR\/\d+\.\d+%shouldnotmatch%\sOPR\/(\d+\.\d+)%9999%6&opera%^Opera\/9.80\s.+Version\/\d+\.\d+$%shouldnotmatch%Version\/(\d+\.\d+)$%9999%6&opera%^Opera\/\d+\.\d+\s%Version\/\d+\.\d+$%^Opera\/(\d+\.\d+)\s%9999%6
PerlSetVar lonTextBrowsers windows\s+ce:lynx
PerlSetVar lonScansDir /home/httpd/scantron
PerlSetVar lonScriptTimeout 10
-PerlSetVar BugzillaHost http://bugs.lon-capa.org/
+PerlSetVar BugzillaHost https://bugs.loncapa.org/
PerlSetVar FAQHost http://help.lon-capa.org/
# -----------------------------------------------------------------------------
# NOTE: lonSqlAccess key is the password for the MySQL user
@@ -1661,6 +1896,8 @@ PerlSetVar lonCertificateDirectory /home
PerlSetVar lonnetCertificateAuthority loncapaCA.pem
PerlSetVar lonnetCertificate lonhostcert.pem
+PerlSetVar lonnetHostnameCertificate lonhostnamecert.pem
+PerlSetVar lonnetCertRevocationList loncapaCAcrl.pem
#
# To generate the request for a certificate, and to negotiate the