diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2008-05-07 09:33:00 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2008-05-07 09:41:32 -0400 |
| commit | 8e7561cff6df60e470f1a576f8dca3f025db0586 (patch) | |
| tree | 8a40271f260d1e026f02bcf601bd77594a6d34bf /ipa-server/xmlrpc-server | |
| parent | 5ad2af3429580bc45bdfb7de53601ddf615266bf (diff) | |
| download | freeipa-8e7561cff6df60e470f1a576f8dca3f025db0586.tar.gz freeipa-8e7561cff6df60e470f1a576f8dca3f025db0586.tar.xz freeipa-8e7561cff6df60e470f1a576f8dca3f025db0586.zip | |
Refine our web space some more so that everything we reference is in /ipa
UI: /ipa/ui
XML-RPC: /ipa/xml
errors: /ipa/errors
config: /ipa/config
I had to hardcode that URI into the CSS pages but TurboGears handles the
rest of the translations with tg.url().
Added a version to ipa.conf and ipa-rewrite.conf so we can update them
in the future if needed with ipa-upgradeconfig
440443
Diffstat (limited to 'ipa-server/xmlrpc-server')
| -rw-r--r-- | ipa-server/xmlrpc-server/ipa-rewrite.conf | 4 | ||||
| -rw-r--r-- | ipa-server/xmlrpc-server/ipa.conf | 24 | ||||
| -rw-r--r-- | ipa-server/xmlrpc-server/unauthorized.html | 6 |
3 files changed, 18 insertions, 16 deletions
diff --git a/ipa-server/xmlrpc-server/ipa-rewrite.conf b/ipa-server/xmlrpc-server/ipa-rewrite.conf index af3a3afe2..fc7ce6806 100644 --- a/ipa-server/xmlrpc-server/ipa-rewrite.conf +++ b/ipa-server/xmlrpc-server/ipa-rewrite.conf @@ -1,9 +1,11 @@ +# VERSION 1 - DO NOT REMOVE THIS LINE + RewriteEngine on # By default forward all requests to /ipa. If you don't want IPA # to be the default on your web server comment this line out. You will # need to modify ipa_webgui.cfg as well. -RewriteRule ^/$$ https://$FQDN/ipa [L,NC,R=301] +RewriteRule ^/$$ https://$FQDN/ipa/ui [L,NC,R=301] # Redirect to the fully-qualified hostname. Not redirecting to secure # port so configuration files can be retrieved without requiring SSL. diff --git a/ipa-server/xmlrpc-server/ipa.conf b/ipa-server/xmlrpc-server/ipa.conf index c08282e3b..1eca97757 100644 --- a/ipa-server/xmlrpc-server/ipa.conf +++ b/ipa-server/xmlrpc-server/ipa.conf @@ -1,3 +1,6 @@ +# +# VERSION 1 - DO NOT REMOVE THIS LINE +# # LoadModule auth_kerb_module modules/mod_auth_kerb.so ProxyRequests Off @@ -17,7 +20,7 @@ AddType application/java-archive jar Krb5KeyTab /etc/httpd/conf/ipa.keytab KrbSaveCredentials on Require valid-user - ErrorDocument 401 /errors/unauthorized.html + ErrorDocument 401 /ipa/errors/unauthorized.html RewriteEngine on Order deny,allow Allow from all @@ -28,20 +31,17 @@ AddType application/java-archive jar </Proxy> # The URI's with a trailing ! are those that aren't handled by the proxy -ProxyPass /ipa http://localhost:8080/ipa -ProxyPassReverse /ipa http://localhost:8080/ipa +ProxyPass /ipa/ui http://localhost:8080/ipa/ui +ProxyPassReverse /ipa/ui http://localhost:8080/ipa/ui # Configure the XML-RPC service -Alias /ipaxml "/usr/share/ipa/ipaserver/XMLRPC" +Alias /ipa/xml "/usr/share/ipa/ipaserver/XMLRPC" # This is where we redirect on failed auth -Alias /errors "/usr/share/ipa/html" +Alias /ipa/errors "/usr/share/ipa/html" # For the MIT Windows config files -Alias /config "/usr/share/ipa/html" - -# So we don't have to hardcode a path into the CSS -Alias /static "/usr/share/ipa/ipagui/static" +Alias /ipa/config "/usr/share/ipa/html" <Directory "/usr/share/ipa/ipaserver"> AuthType Kerberos @@ -53,7 +53,7 @@ Alias /static "/usr/share/ipa/ipagui/static" Krb5KeyTab /etc/httpd/conf/ipa.keytab KrbSaveCredentials on Require valid-user - ErrorDocument 401 /errors/unauthorized.html + ErrorDocument 401 /ipa/errors/unauthorized.html SetHandler mod_python PythonHandler ipaxmlrpc @@ -84,7 +84,7 @@ Alias /static "/usr/share/ipa/ipagui/static" Krb5KeyTab /etc/httpd/conf/ipa.keytab KrbSaveCredentials on Require valid-user - ErrorDocument 401 /errors/unauthorized.html + ErrorDocument 401 /ipa/errors/unauthorized.html </Directory> #Alias /ipatest "/usr/share/ipa/ipatest" @@ -99,7 +99,7 @@ Alias /static "/usr/share/ipa/ipagui/static" # Krb5KeyTab /etc/httpd/conf/ipa.keytab # KrbSaveCredentials on # Require valid-user -# ErrorDocument 401 /errors/unauthorized.html +# ErrorDocument 401 /ipa/errors/unauthorized.html # # SetHandler mod_python # PythonHandler test_mod_python diff --git a/ipa-server/xmlrpc-server/unauthorized.html b/ipa-server/xmlrpc-server/unauthorized.html index cc53e33b7..6ba8a99ee 100644 --- a/ipa-server/xmlrpc-server/unauthorized.html +++ b/ipa-server/xmlrpc-server/unauthorized.html @@ -5,12 +5,12 @@ <p> Unable to verify your Kerberos credentials. Please make sure that you have valid Kerberos tickets (obtainable via kinit), and that you -have <a href="/errors/ssbrowser.html">configured your +have <a href="/ipa/errors/ssbrowser.html">configured your browser correctly</a>. If you are still unable to access the IPA Web interface, please contact the helpdesk on for additional assistance. </p> <p> -Import the <a href="/errors/ca.crt">IPA Certificate Authority</a>. +Import the <a href="/ipa/errors/ca.crt">IPA Certificate Authority</a>. </p> <p> <script type="text/javascript"> @@ -19,7 +19,7 @@ Import the <a href="/errors/ca.crt">IPA Certificate Authority</a>. { document.write("<p>You can automatically configure your browser to work with Kerberos by importing the Certificate Authority above and clicking on the Configure Browser button.</p>"); document.write("<p>You <strong>must</strong> reload this page after importing the Certificate Authority for the automatic settings to work</p>"); - document.write("<object data=\"jar:/errors/configure.jar!/preferences.html\" type=\"text/html\"><\/object"); + document.write("<object data=\"jar:/ipa/errors/configure.jar!/preferences.html\" type=\"text/html\"><\/object"); } </script> </p> |