[opencms-dev] mod_proxy

ark-d at betasystems.com ark-d at betasystems.com
Mon May 23 13:02:30 CEST 2005 




Bernd,

I use a simplified templateone form module and mod_proxy and mod_rewrite
without installing opencms as ROOT on my private site and have serveral
other Installations for Intranet and Internet at work with mod_jk 1.2.x ,
because of LoadBalancing, Clustering, ease of use, etc. So I think mod_jk
is the right solution for high performance and for multisite solutions.

> I can not afford a certificate right now

I'm using a self signed and require ssl connection for the workplace like
this:

Create Self signed Certifcate:

keytool -genkey -alias tomcat -keyalg RSA -keystore /path/to/.keystore
-validity 365

keytool -export -alias tomcat -file /path/to/tomcat-server.crt -keystore
/path/to/.keystore

keytool -import -file /path/to/tomcat-server.crt -keystore /path/to/cacerts

server.xml settings:

<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<!-- Commnet out from server.xml-->
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/path/to/.keystore"
keystorePass="secret" truststoreFile="/path/to/cacerts"
/>

Require ssl access for the workplace:

paste into web.xml of opencms

<security-constraint>
<web-resource-collection>
<web-resource-name>OpenCmsServlet</web-resource-name>
<url-pattern>/system/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>

<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>



> And how do you process the data?

via the post method.

Regards,
Arash







                                                                           
             Bernd Wolfsegger                                              
             <bw at code-create.c                                             
             om>                                                        To 
             Sent by:                  <opencms-dev at opencms.org>           
             opencms-dev-bounc                                          cc 
             es at opencms.org                                                
                                                                   Subject 
                                       Re: [opencms-dev] mod_proxy         
             23.05.2005 12:02                                              
                                                                           
                                                                           
             Please respond to                                             
             Bernd Wolfsegger                                              
             <bw at code-create.c                                             
                om>; Please                                                
                respond to                                                 
                The OpenCms                                                
               mailing list                                                
             <opencms-dev at open                                             
                 cms.org>                                                  
                                                                           
                                                                           




Arash,

well, I also have a form on my site and I have no problems sending and
receiving the data and I use mod_proxy/ROOT webapp etc. too, but no mod_jk.
And I do not use https because I can not afford a certificate right now.
But
it would be better to have one for transmitting form data :). So what kind
of
form do you have? Is it a special OpenCms templateone thing or a self
build.
And how do you process the data?

Kind Regards, Bernd

On Monday 23 May 2005 11:11, ark-d at betasystems.com wrote:
> Bernd Wolfsegger wrote:
> > The problem ist not mod_proxy, it is the mod_alias Redirect, because it
>
> does
>
> > not redirect form data.
>
> Bernd,
>
> thanks for the hint, but I don't have mod_alias activated and the form
data
> didn't got redirected.
> As I wrote in my previous email, it works with secure access via
> https://myserver/opencms/opencms/en/emailform.
>
> Regards,
> Arash
>
> opencms-dev-bounces at opencms.org wrote on 23.05.2005 08:40:13:
> > On Sunday 22 May 2005 22:47, Patrick Donker wrote:
> > > Arash Kaffamanesh wrote:
> > > >Yes it does the redirection from apache to tomcat. You don't need to
> > > >install it as ROOT app. But my opinion is for setting up mutltisite
> > > >installation it is better to have one tomcat installation with
>
> serveral
>
> > > >container instances, which can be started indepedently.
> > >
> > > So basically you are saying that in general it is better to have it
> > > installed as a Root app? Or is it just the other way around ;)? I'm a
> > > bit confused on what a Root app does to begin with.
> >
> > As far as I know the only difference is, that the ROOT webapp has no
>
> "name"
>
> > and so you do not need to "name" it in the URL. like other apps.
> >
> > > >The mod_proxy approach has some problems with posting forms I think
>
> and
>
> > > >therfore is not included in beta3 or the latest CVS HEAD. Installing
> > > >opencms as ROOT had some problems with connecting via https to the
> > > >workplace, at least by me.
> > >
> > > Hmmm...that could become a problem as many sites have forms.
> >
> > The problem ist not mod_proxy, it is the mod_alias Redirect, because it
>
> does
>
> > not redirect form data.
> >
> > > >I'm going to test mod_jk 1.2 and mod_rewrite with tomcat 5.5.9
>
> tomorrow,
>
> > > >perhaps it solves my problem with contact form fuctionality in
online
> > > >mode.
> > >
> > > Keep me informed. I'd like to hear your experiences on this as I am
new
> > > to Opencms.
> > >
> > > Thanks
> > > -Patrick
> > >
> > >
> > > _______________________________________________
> > > This mail is send to you from the opencms-dev mailing list
> > > To change your list options, or to unsubscribe from the list, please
>
> visit
>
> > > http://mail.opencms.org/mailman/listinfo/opencms-dev
> >
> > --
> >
> > [  Code Create
> > [  Web Content Management and Presentation
> >
> >
> > [  Bernd Wolfsegger
> > [  Sun Certified Programmer for Java(TM) 2 Platform
> >
> >
> > [  Office in Germany
> > [
> > [  Lohmeyerstrasse 13
> > [  10587 Berlin
> > [  Germany
> > [  Fon +49 (0)30 26555788
> > [  Fax +49 (0)30 2651835
> >
> > [  Office in Kenya
> > [
> > [  P.O. Box 890
> > [  V/Market
> > [  00621 Nairobi
> > [  Kenya
> > [  Mobile +254 (0)720 481053
> >
> > [  bw at code-create.com
> > [  http://www.code-create.com/
> >
> >
> >
> > _______________________________________________
> > This mail is send to you from the opencms-dev mailing list
> > To change your list options, or to unsubscribe from the list, please
>
> visit
>
> > http://mail.opencms.org/mailman/listinfo/opencms-dev

--

[  Code Create
[  Web Content Management and Presentation


[  Bernd Wolfsegger
[  Sun Certified Programmer for Java(TM) 2 Platform


[  Office in Germany
[
[  Lohmeyerstrasse 13
[  10587 Berlin
[  Germany
[  Fon +49 (0)30 26555788
[  Fax +49 (0)30 2651835

[  Office in Kenya
[
[  P.O. Box 890
[  V/Market
[  00621 Nairobi
[  Kenya
[  Mobile +254 (0)720 481053

[  bw at code-create.com
[  http://www.code-create.com/



_______________________________________________
This mail is send to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://mail.opencms.org/mailman/listinfo/opencms-dev

More information about the opencms-dev mailing list