--- loncom/loncapa_apache.conf 2004/03/31 18:07:37 1.75 +++ loncom/loncapa_apache.conf 2020/09/12 18:04:54 1.215.2.25.2.5 @@ -1,8 +1,8 @@ ## ## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file ## -## $Id: loncapa_apache.conf,v 1.75 2004/03/31 18:07:37 raeburn Exp $ -## + +# $Id: loncapa_apache.conf,v 1.215.2.25.2.5 2020/09/12 18:04:54 raeburn Exp $ # # LON-CAPA Section (extensions to httpd.conf daemon configuration) @@ -18,7 +18,9 @@ Group www # ======================================================= Shared Object Modules -LoadModule perl_module modules/libperl.so + + LoadModule perl_module modules/libperl.so + AddModule mod_perl.c @@ -28,28 +30,57 @@ PerlSetVar MODPERL2 1 # =============================================================== Miscellaneous -ServerAdmin korte@lite.msu.edu +ServerAdmin consortium@loncapa.org ExtendedStatus On # # LON-CAPA Section (extensions to srm.conf name space servicing) # # ===================================================================== Aliases +Alias /zipspool/ /home/httpd/zipspool/ Alias /prtspool/ /home/httpd/prtspool/ +Alias /captchaspool/ /home/httpd/captchaspool/ +Alias /webdav/ /home/httpd/html/priv/ ScriptAlias /cgi-bin/ "/home/httpd/cgi-bin/" + + DAVLockDB /home/httpd/webdav/DAVLock + # ================================================================= Directories # ------------------------------------------------------------- Access Handlers PerlTransHandler Apache::lontrans - -PerlCleanupHandler Apache::lonnet::cleanenv - +PerlCleanupHandler Apache::lonacc::cleanup + +PerlAuthenHandler Apache::checkauthen +PerlSetVar lonOtherAuthen no + + + PerlAuthenHandler Apache::lonshibauth + PerlSetVar lonOtherAuthen yes + PerlSetVar lonOtherAuthenType Shibboleth + #PerlWarn On + +PerlAuthzHandler 'sub { return OK }' + + +# Send proper expires header to avoid unnecessary HTTP request for static content + + ExpiresActive On + ExpiresDefault "access plus 12 hours" + Header set Cache-Control "public, no-transform" + + -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user + +PerlAccessHandler Apache::publiccheck +PerlAuthzHandler Apache::lonacc PerlHeaderParserHandler Apache::lonrep ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html @@ -57,44 +88,149 @@ ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + + + + + -PerlAccessHandler Apache::lonenc +SetHandler perl-script +PerlHandler Apache::lonencurl ErrorDocument 403 /adm/login +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::portfolio + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::portfolio + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonpdfupload +ErrorDocument 403 /adm/login +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + +Options +FollowSymLinks -Includes PerlAccessHandler Apache::lontokacc PerlCleanupHandler Apache::lontokacc::removefile +PerlCleanupHandler Apache::lonacc::cleanup - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +PerlHandler Apache::londatecheck +PerlHandler Apache::lonipcheck PerlHeaderParserHandler Apache::lonuploadrep +ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler - + + Options +FollowSymLinks -Includes + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +PerlAuthenHandler Apache::lonuploadedacc +PerlAuthzHandler Apache::lonuploadedacc::skip_phase +PerlAccessHandler Apache::lonuploadedacc::skip_phase + + + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc + + + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc + + + SetHandler perl-script PerlHandler Apache::lonpage - + SetHandler perl-script PerlHandler Apache::lonsequence -PerlAccessHandler Apache::lonacc +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonsyllabus ErrorDocument 404 /adm/notfound.html ErrorDocument 500 /adm/errorhandler + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonrss +ErrorDocument 404 /adm/notfound.html +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonaboutme +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/notinit.html +ErrorDocument 500 /adm/errorhandler + + + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonaboutme ErrorDocument 404 /adm/notfound.html @@ -103,8 +239,12 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script +PerlHandler Apache::londatecheck +PerlHandler Apache::lonipcheck PerlHandler Apache::lonsimplepage ErrorDocument 404 /adm/notfound.html ErrorDocument 406 /adm/notinit.html @@ -112,8 +252,12 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script +PerlHandler Apache::londatecheck +PerlHandler Apache::lonipcheck PerlHandler Apache::lonbulletin ErrorDocument 404 /adm/notfound.html ErrorDocument 406 /adm/notinit.html @@ -121,7 +265,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonsimpleproblemedit ErrorDocument 404 /adm/notfound.html @@ -129,31 +275,82 @@ ErrorDocument 406 /adm/notinit.html ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::loncacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::londatecheck +PerlHandler Apache::lonipcheck +PerlHandler Apache::lonexttool +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/notinit.html +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonconstruct +PerlHandler Apache::lonexturlcheck ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html ErrorDocument 406 /adm/unauthorized -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonracc - +ErrorDocument 500 /adm/errorhandler + - -PerlAccessHandler Apache::loncacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::loncacc +SetHandler perl-script ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html ErrorDocument 406 /adm/unauthorized ErrorDocument 500 /adm/errorhandler -AllowOverride None + + + + + + AuthType Basic + AuthName "LONCAPA username,domain" + Require valid-user + SSLRequireSSL + PerlAuthenHandler Apache::lonwebdavauth + PerlAuthzHandler Apache::lonwebdavacc + Dav On + DirectoryIndex index.missing + Options Indexes FollowSymLinks + ErrorDocument 403 /adm/nowebdav.html + ErrorDocument 404 /adm/notfound.html + ErrorDocument 406 /adm/unauthorized + ErrorDocument 500 /adm/errorhandler + + + + RewriteEngine on + RewriteRule .* http://%{HTTP_HOST}/adm/nowebdav.html [L] + + + + + + RewriteEngine on + RewriteRule .* http://%{HTTP_HOST}/adm/nowebdav.html [L] + + + + + +PerlAccessHandler Apache::lonracc -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonhelper ErrorDocument 403 /adm/login @@ -163,31 +360,52 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html ErrorDocument 406 /adm/roles +ErrorDocument 413 /adm/overloaded.txt +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +ErrorDocument 403 /adm/login +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/roles +ErrorDocument 413 /adm/overloaded.txt ErrorDocument 500 /adm/errorhandler # ------------------------------------------------------------------------- RAT - + SetHandler perl-script PerlHandler Apache::lonratedt - + SetHandler perl-script PerlHandler Apache::lonratedt - + SetHandler perl-script PerlHandler Apache::lonratsrv + +SetHandler perl-script +PerlHandler Apache::lonratmenu + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonratparms ErrorDocument 403 /adm/login @@ -200,9 +418,10 @@ ErrorDocument 500 /adm/errorhandler SetHandler perl-script PerlHandler Apache::lonindexer PerlCleanupHandler Apache::lonindexer::cleanup +PerlCleanupHandler Apache::lonacc::cleanup - + SetHandler perl-script PerlHandler Apache::lontex @@ -217,46 +436,75 @@ SetHandler perl-script PerlHandler Apache::lonsequence - + +PerlAccessHandler Apache::publiccheck SetHandler perl-script PerlHandler Apache::lonmeta +ErrorDocument 413 /adm/overloaded.txt +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlAccessHandler Apache::lonacc PerlHandler Apache::lonmeta - + SetHandler perl-script PerlHandler Apache::lonrights - + SetHandler perl-script +PerlHandler Apache::londatecheck +PerlHandler Apache::lonipcheck PerlHandler Apache::lonxml - + SetHandler perl-script PerlHandler Apache::lonhomework + +SetHandler perl-script +PerlHandler Apache::lonxml + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +PerlHandler Apache::londatecheck +PerlHandler Apache::lonipcheck SetHandler perl-script PerlHandler Apache::lonwrapper ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonsource +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonlocal +PerlHandler Apache::lonlocalize ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler @@ -264,7 +512,9 @@ ErrorDocument 500 /adm/errorhandler # -------------------------------------------------------------- Admin Programs -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::randomlylabel ErrorDocument 403 /adm/login @@ -272,15 +522,29 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::imagechoice ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonsearchcourse +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonstatistics ErrorDocument 403 /adm/login @@ -288,56 +552,154 @@ ErrorDocument 413 /adm/overloaded.tx ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lontrackstudent +ErrorDocument 403 /adm/login +ErrorDocument 413 /adm/overloaded.txt +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonroles ErrorDocument 403 /adm/login +ErrorDocument 409 /adm/preferences?action=lockwarning ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonmenu +PerlHandler Apache::lonmainmenu ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonremote ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonpickauthor +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonpickstudent ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonpickuser +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonpickcourse ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonpickcode +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::londependencies +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + SetHandler perl-script PerlHandler Apache::lonlogin + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::restrictedaccess +ErrorDocument 500 /adm/errorhandler + + + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::blockedaccess +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonlogout ErrorDocument 403 /adm/login +ErrorDocument 409 /adm/preferences?action=lockwarning +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::switchserver +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler @@ -345,51 +707,105 @@ SetHandler perl-script PerlHandler Apache::lonauth + +SetHandler perl-script +PerlHandler Apache::migrateuser + + + + + AuthType shibboleth + ShibUseEnvironment On + ShibRequestSetting requireSession 1 + ShibRequestSetting redirectToSSL 443 + require valid-user + PerlAuthzHandler Apache::lonshibacc + PerlAuthzHandler Apache::lonacc + + + PerlTypeHandler Apache::lonnoshib + + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::admannotations ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::admannotations +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::admbookmarks +PerlHandler Apache::lonspeller ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonpageflip PerlCleanupHandler Apache::lonpageflip::cleanup +PerlCleanupHandler Apache::lonacc::cleanup ErrorDocument 406 /adm/roles ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonambiguous PerlCleanupHandler Apache::lonambiguous::cleanup +PerlCleanupHandler Apache::lonacc::cleanup ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonmsg +PerlHandler Apache::lonmsgdisplay ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonnotify +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonparmset ErrorDocument 403 /adm/login @@ -397,8 +813,32 @@ ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::courseprefs +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::slotrequest +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonwizard ErrorDocument 403 /adm/login @@ -407,7 +847,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::grades ErrorDocument 403 /adm/login @@ -415,8 +857,21 @@ ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonrequestcourse +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::loncreatecourse ErrorDocument 403 /adm/login @@ -425,7 +880,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonmodifycourse ErrorDocument 403 /adm/login @@ -433,8 +890,30 @@ ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::domainprefs +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +PerlAccessHandler Apache::lonstatusacc +SetHandler perl-script +PerlHandler Apache::domainstatus +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::loncreateuser ErrorDocument 403 /adm/login @@ -443,7 +922,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonpublisher ErrorDocument 403 /adm/login @@ -452,8 +933,10 @@ ErrorDocument 406 /adm/unauthorized ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::loncacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::loncacc SetHandler perl-script PerlHandler Apache::lonpubdir ErrorDocument 403 /adm/login @@ -462,29 +945,35 @@ ErrorDocument 406 /adm/unauthorized ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonpubdir +PerlHandler Apache::lonunauthorized ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonunauthorized +PerlHandler Apache::lonretrieve ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/unauthorized ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonretrieve +PerlHandler Apache::loncleanup ErrorDocument 403 /adm/login ErrorDocument 404 /adm/notfound.html ErrorDocument 406 /adm/unauthorized @@ -492,7 +981,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::loncfile ErrorDocument 403 /adm/login @@ -502,7 +993,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::londiff ErrorDocument 403 /adm/login @@ -512,7 +1005,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonupload ErrorDocument 403 /adm/login @@ -522,7 +1017,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::imsimport ErrorDocument 403 /adm/login @@ -532,7 +1029,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::testbankimport ErrorDocument 403 /adm/login @@ -542,7 +1041,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonspreadsheet ErrorDocument 403 /adm/login @@ -552,7 +1053,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonspreadsheet ErrorDocument 403 /adm/login @@ -562,7 +1065,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonspreadsheet ErrorDocument 403 /adm/login @@ -572,7 +1077,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::londropadd ErrorDocument 403 /adm/login @@ -580,8 +1087,65 @@ ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonviewclasslist +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::loncoursegroups +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::groupboards +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::grouproster +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonwhatsnew +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonpopulate ErrorDocument 403 /adm/login @@ -590,7 +1154,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonmanagekeys ErrorDocument 403 /adm/login @@ -599,7 +1165,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonprintout ErrorDocument 403 /adm/login @@ -608,7 +1176,9 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonfeedback ErrorDocument 403 /adm/login @@ -616,72 +1186,112 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::londocs - PerlCleanupHandler Apache::londocs::untiehash +PerlCleanupHandler Apache::londocs::untiehash +PerlCleanupHandler Apache::lonacc::cleanup ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::londocs +PerlCleanupHandler Apache::londocs::untiehash +PerlCleanupHandler Apache::lonacc::cleanup +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::imsimportdocs ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonextresedit +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonannounce ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler - + -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonchat ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonchatfetch ErrorDocument 413 /adm/overloaded.txt ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonevaluate +PerlHandler Apache::longroupchat ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler +ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonpreferences +PerlHandler Apache::lonevaluate ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler - -PerlAccessHandler Apache::lonacc + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonassignments +PerlHandler Apache::lonpreferences ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::loncommunicate ErrorDocument 403 /adm/login @@ -689,26 +1299,33 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonsearchcat PerlCleanupHandler Apache::lonsearchcat::cleanup +PerlCleanupHandler Apache::lonacc::cleanup ErrorDocument 403 /adm/login ErrorDocument 413 /adm/overloaded.txt ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonnavmaps +PerlHandler Apache::lonnavdisplay ErrorDocument 403 /adm/login ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonquickgrades ErrorDocument 403 /adm/login @@ -717,96 +1334,162 @@ ErrorDocument 500 /adm/errorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::groupsort PerlCleanupHandler Apache::groupsort::cleanup +PerlCleanupHandler Apache::lonacc::cleanup ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonwishlistdisplay +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonblockingmenu +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonblockingstatus + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonaccesstimes +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + SetHandler perl-script PerlHandler Apache::lonerrorhandler -PerlAccessHandler Apache::lonacc +AuthType LONCAPA +Require valid-user +PerlAccessHandler Apache::publiccheck +PerlAuthzHandler Apache::lonacc SetHandler perl-script PerlHandler Apache::lonhelp +ErrorDocument 500 /adm/errorhandler -# ------------------------------------------------- Backdoor Adm Tests/Programs + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonhelpmenu +ErrorDocument 500 /adm/errorhandler + - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonsupportreq +ErrorDocument 500 /adm/errorhandler + - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - + +SetHandler perl-script +PerlHandler Apache::lonsupportreq +ErrorDocument 500 /adm/errorhandler + - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - + +SetHandler perl-script +PerlHandler Apache::loncss +ErrorDocument 500 /adm/errorhandler + - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - + +SetHandler perl-script +PerlHandler Apache::coursecatalog +ErrorDocument 500 /adm/errorhandler + - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - + +SetHandler perl-script +PerlHandler Apache::resetpw +ErrorDocument 500 /adm/errorhandler + - -AuthName "harvest" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user reaper - + +SetHandler perl-script +PerlHandler Apache::selfenroll +ErrorDocument 500 /adm/errorhandler + - -AuthName "Offline" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user offline - + +SetHandler perl-script +PerlHandler Apache::createaccount +ErrorDocument 500 /adm/errorhandler + - -AuthName "Offline" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user offline - + +SetHandler perl-script +PerlHandler Apache::londns +ErrorDocument 500 /adm/errorhandler + + + +SetHandler perl-script +PerlHandler Apache::spellcheck + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lontiny +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + +# ------------------------------------------------- Backdoor Adm Tests/Programs -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm +PerlAccessHandler Apache::lonstatusacc SetHandler perl-script -PerlAccessHandler Apache::lonacc PerlHandler Apache::lontest # ------------------------------------------------------- Shutting down a child -PerlChildExitHandler Apache::lonnet::goodbye +PerlChildExitHandler Apache::lonacc::goodbye # # LON-CAPA Section (extensions to access.conf permission configuration) @@ -818,50 +1501,134 @@ PerlChildExitHandler Apache::lonnet::goo Options None AllowOverride None + + Require all denied + + + order deny,allow + deny from all + +# Allow uploaded files to be served + + +Options FollowSymLinks +AllowOverride None + + Require all granted + + + order allow,deny + allow from all + + + # Yes to symbolic links and server-side includes -Options Includes FollowSymLinks +Options FollowSymLinks AllowOverride None -order allow,deny -allow from all + + Require all granted + + + order allow,deny + allow from all + # If it is in cgi-bin, then it can be executed as a CGI script. AllowOverride None -Options ExecCGI +Options ExecCGI FollowSymLinks + + Require all granted + + + order allow,deny + allow from all + +# Allow serving of files in prtspool + + +Options FollowSymLinks +AllowOverride None + + Require all granted + + + order allow,deny + allow from all + + + +# Allow serving of files in zipspool + + +Options FollowSymLinks +AllowOverride None + + Require all granted + + + order allow,deny + allow from all + + + +# Allow serving of files in captchaspool + + +Options FollowSymLinks +AllowOverride None + + Require all granted + + + order allow,deny + allow from all + + + + + DirectoryIndex disabled + + + + DirectoryIndex disabled + + # ============================================================= Access Handlers # ------------------------------------------------- Allow server-status reports +PerlAccessHandler Apache::lonstatusacc SetHandler server-status -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm # ------------------------ Allow LON-CAPA "low-level" connection status reports - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - + +PerlAccessHandler Apache::lonstatusacc +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + # ------------------- Allow access to local system documentation from localhost Alias /doc /usr/doc -order deny,allow -deny from all -allow from localhost Options Indexes FollowSymLinks + + Require local + + + order deny,allow + deny from all + allow from localhost + # ******** THESE "SHOULD" NEVER BE ALTERED BY THE USER ************************ @@ -869,20 +1636,38 @@ Options Indexes FollowSymLinks PerlSetVar lonVersion '' PerlSetVar lonIDsDir /home/httpd/lonIDs +PerlSetVar lonBalanceDir /home/httpd/balanceIDs +PerlSetVar lonDAVsessDir /home/httpd/webdav/sessionIDs PerlSetVar lonTabDir /home/httpd/lonTabs PerlSetVar lonUsersDir /home/httpd/lonUsers PerlSetVar lonIconsURL /adm/lonIcons PerlSetVar londPort 5663 -PerlSetVar lonSysEMail korte@lite.msu.edu +PerlSetVar lonSysEMail techsupport@loncapa.org PerlSetVar lonDaemons /home/httpd/perl +PerlSetVar lonLib /home/httpd/lib PerlSetVar lonSockDir /home/httpd/sockets +PerlSetVar lonSockCreate /home/httpd/sockets/common PerlSetVar lonDocRoot /home/httpd/html +PerlSetVar lonPrtDir /home/httpd/prtspool PerlSetVar lonIncludes /home/httpd/html/res/adm/includes -PerlSetVar lonBrowsDet netscape:mozilla:msie:mozilla\/(\d+\.\d+)\s:9999:9999&explorer:msie:netscape:msie\s(\d+\.\d+)\;:9999:9999&mozilla:mozilla\/[5-9]:msie:mozilla\/(\d+\.\d+)\s:9999:1&amaya:amaya:mozilla:V(\d+\.\d+)\s:1:1 -PerlSetVar lonTextBrowsers opera:windows\s+ce:lynx +PerlSetVar lonZipDir /home/httpd/zipspool +PerlSetVar lonCaptchaDir /home/httpd/captchaspool +PerlSetVar lonCaptchaDb /home/httpd/captchadb +PerlSetVar lonFontsDir /home/httpd/html/adm/fonts +# & separated list of % separated fields in order of +# - internal name to call it, +# - regexp that it should match (done case-insensitively) +# - regexp that is should not match (done case-insensitively) +# - regexp that will pull out the version number into $1 +# - a number that describes the minimum version that has mathml support +# - a number that describes the minimum number version that has unicode support + +PerlSetVar lonBrowsDet explorer%msie%netscape%msie\s(\d+\.\d+)\;%9999%5&mozilla%mozilla\/[5-9]%msie%mozilla\/(\d+\.\d+)\s%9999%1&netscape%netscape%msie%netscape\/(\d+\.\d+)%9999%7&netscape%netscape\/[7-9]%shouldnotmatch%netscape\/(\d+\.\d+)%9999%7&amaya%amaya%mozilla%V(\d+\.\d+)\s%1%1&safari%safari%msie%safari\/([\d\.]+)%9999%84&chrome%chrome%chromeframe%\s+chrome\/(\d+\.\d+)%9999%1&explorer%\s+rv\:\d+\.\d+%firefox%\s+rv\:(\d+\.\d+)%9999%5&opera%\sOPR\/\d+\.\d+%shouldnotmatch%\sOPR\/(\d+\.\d+)%9999%6&opera%^Opera\/9.80\s.+Version\/\d+\.\d+$%shouldnotmatch%Version\/(\d+\.\d+)$%9999%6&opera%^Opera\/\d+\.\d+\s%Version\/\d+\.\d+$%^Opera\/(\d+\.\d+)\s%9999%6 + +PerlSetVar lonTextBrowsers windows\s+ce:lynx PerlSetVar lonScansDir /home/httpd/scantron PerlSetVar lonScriptTimeout 10 -PerlSetVar BugzillaHost http://bugs.lon-capa.org/ +PerlSetVar BugzillaHost https://bugs.loncapa.org/ PerlSetVar FAQHost http://help.lon-capa.org/ # ----------------------------------------------------------------------------- # NOTE: lonSqlAccess key is the password for the MySQL user @@ -893,11 +1678,79 @@ PerlSetVar FAQHost http://help.lon-capa PerlSetVar lonSqlAccess localhostkey -# ----------------------------------------------------------------------------- -# lonttpdPort is the port used by the lightweight graphics httpd server -# not the main Apache server -PerlSetVar lonhttpdPort 8080 +#---------------------------------------------------------------------------- +# +# Parameters used by secure lond/lonc + +# +# Secure lond/lonc require ssl certificate and private +# key files to function correctly. The certificate +# files need not be terribly secure, but the private key files +# should be set up so that only www (the lonc/lond effective user) +# can read them. +# +# The definition below is the full path to the directory that +# contains the certificate and key files: + +PerlSetVar lonCertificateDirectory /home/httpd/lonCerts + +# +# Secure lond/lonc require two certificates and a private host key. +# The certificates required are that of the lonCAPA certificate authority +# and the certificate that authority issued to this host. +# lonnetCertificateAuthority is the name of the file that contains the +# lonCAPA certificate authority's certificate. +# lonnetCertificate is the name of the file that contains the certificate +# issued to the host by the certificate authority. +# Both of these variables are names of files assumed to be in +# lonCertificateDirectory: + +PerlSetVar lonnetCertificateAuthority loncapaCA.pem +PerlSetVar lonnetCertificate lonhostcert.pem + +# +# To generate the request for a certificate, and to negotiate the +# initial ssl connection, the host requires a private key. This key +# is created at lonCAPA install time. Did we mention above that it +# should be set so that only www can read it? The variale below +# is the name of the file relative to lonnetCertificateDirectory +# that has the host's private key. Did we remember to tell you to +# keep the permissions on that file set to rw------- (0600)? +# + +PerlSetVar lonnetPrivateKey lonKey.pem + +# Did we mention that the file described above must have +# permissions really locked down so that it can't be stolen? + +#------------------------------------------------------------------------- + +# Parameters that define where all the ssl stuff is that's needed +# to generate certificate requests and, on a system that's a CA +# the certificate authority. +# +# SSLProgram -> Path to the openssl command +# SSLDirectory -> Directory containing ssl configuration files etc. +# SSLCAConfig -> Name of the SSL config file for the certificate +# Authority. +# SSLCAFile -> Full path to the Certificate authority file +# (on the cert manager system). +# SSLEmail -> E-mail address of loncapa certificate manager. +# The following are good for the loncapa redhat installs and +# the loncapa certificate authority system: +# +PerlSetVar SSLProgram /usr/bin/openssl +PerlSetVar SSLDirectory /usr/share/ssl +PerlSetVar SSLCAConfig loncapaca +PerlSetVar SSLCAFile /usr/share/ssl/loncapaca/cacert.pem +PerlSetVar SSLEmail certificate@lon-capa.org + +#------------------------------------------------------------------------- + + +# ====================================== Include support for SSL rewrites +Include conf/loncapa_rewrite.conf # ====================================== Include machine-specific configuration