I haven't kept uptodate with Redhat. I think you'll find that the rpm is named differently on Redhat are you using updates/rpm to manage things? It may be called apache-mod_jk
On Jan 25, 2007, at 9:40 AM, Susan Teague Rector wrote: > I'm running Redhat and installed the binary for tomcat > > thx > > Mark Diggory wrote: >> It depends on the linux vendor, which linux are you running and >> how did you install tomcat originally? (RedHat, Debian, Ubuntu, >> Gentoo? etc). >> >> -Mark >> >> On Jan 25, 2007, at 9:10 AM, Susan Teague Rector wrote: >> >> >>> Hi All, >>> I thought I'd jump in here >>> >>> I have just installed Dspace on a test server and am running it >>> on : 80. I think I want to move to the model you all are listing >>> where we log in through https:// thus running Tomcat under Apache. >>> >>> I have a silly question though - Do I need to build the mod_jk >>> connector in Linux? It doesn't look like there's a binary >>> distribution? >>> >>> Thanks, >>> >>> -- >>> Susan Teague Rector >>> Web Applications Manager >>> VCU Libraries: Library Information Systems >>> 804.827.3554 | [EMAIL PROTECTED] >>> >>> >>> Mark Diggory wrote: >>> >>>> John, >>>> >>>> It is mounted vi mod_jk, connector which allows apache to >>>> communicate with tomcat directly. I left that out, those >>>> details are available in tomcats server.xml. There are two >>>> configurations that you are hearing back from Larry Stone and >>>> myself about. >>>> 1.) Use Apache and mod_jk in front of tomcat to handle http/ >>>> https requests. In which apache handles which port a request >>>> goes to ala URL Rewrites/Redirects, tomcat listens via the >>>> mod_jk/ajp connector for requests. This is a the solution >>>> usually taken in production environments running tomcat. It >>>> allows the System Administrator to control the entire request >>>> process and its behavior. There are many "mods" in Apache that >>>> can do things like bandwidth filtering, redirecting and URL >>>> rewriting which are difficult if not impossible to find for >>>> Tomcat directly. This solution does not require having to >>>> recompile the dspace webapplication to administer these >>>> aspects, it allows your System Admin to take control in this >>>> area while your application developers deal with the web- >>>> application side. >>>> >>>> 2.) Use Tomcat to directly serve http/https and security >>>> constraints. This requires rebuilding the war (or just editing >>>> the security constraint in web.xml <http://web.xml>) to enforce >>>> this restriction. Note, you have open tomcat up on two ports >>>> http and https You also need to hack the JSP's to redirect you >>>> back out of https after your user is leaving a protected area. >>>> This is why I choose the former solution, it is always in the >>>> hands of the system administrator, who is the expert in this >>>> area and actualy needs to control these security aspects of a >>>> service as the responsibility of his/her position. It requires >>>> zero modification of the DSpace web-application JSPs and >>>> configuration and thus is very easy to maintain across dspace >>>> upgrades. Each solution has its nuances and complexities. >>>> You'll need to evaluate for yourself, which seems most >>>> appropriate for your taste and situation. >>>> -Mark Diggory >>>> >>>> >>>> On Jan 24, 2007, at 3:19 PM, John Preston wrote: >>>> >>>> >>>>> I see that you are redirecting to the apache https service. >>>>> Where is the tomcat server, I presume on 84343 port. >>>>> >>>>> John >>>>> >>>>> On 1/24/07, *Mark Diggory* < [EMAIL PROTECTED] >>>>> <mailto:[EMAIL PROTECTED]>> wrote: >>>>> >>>>> We accomplish this within our Apache httpd service in front of >>>>> Tomcat. Basically I use mod_rewrite to force specific url's >>>>> into >>>>> http or https. (for example: >>>>> >>>>> >>>>> >>>>>> ## SSL Virtual Host Context >>>>>> <VirtualHost 18.51.3.31:443 <http://18.51.3.31:443>> >>>>>> >>>>>> >>>>>> >>>>> ... >>>>> >>>>> >>>>>> RewriteEngine on >>>>>> >>>>>> RewriteCond %{REQUEST_URI} !^/certificate-login.* >>>>>> RewriteCond %{REQUEST_URI} !^/password-login.* >>>>>> RewriteRule ^/(.*) http://%{HTTP_HOST}/$1 [L,R] >>>>>> >>>>>> >>>>> ... >>>>> >>>>> >>>>>> </VirtualHost> >>>>>> <VirtualHost 18.51.3.31:80 <http://18.51.3.31:80>> >>>>>> >>>>>> >>>>> ... >>>>> >>>>> >>>>>> RewriteEngine on >>>>>> >>>>>> RewriteCond %{REQUEST_URI} ^/certificate- >>>>>> login.* [OR] >>>>>> RewriteCond %{REQUEST_URI} ^/password-login.* >>>>>> RewriteRule ^/(.*) https://%{HTTP_HOST}:443/$1 >>>>>> [L,R] >>>>>> >>>>> -Mark >>>>> >>>>> >>>>> On Jan 24, 2007, at 2:15 PM, John Preston wrote: >>>>> >>>>> >>>>>> Can anyone tell me if it is possible to use https for just >>>>>> the >>>>>> login steps and regualr unsecured http to access my >>>>>> dspace site. >>>>>> I need to secure the login username/password phase but once >>>>>> logged in I want to use the regular http so it is as fast as >>>>>> possible. >>>>>> >>>>> Mark R. Diggory >>>>> ~~~~~~~~~~~~~ >>>>> DSpace Systems Manager >>>>> MIT Libraries, Systems and Technology Services >>>>> Massachusetts Institute of Technology >>>>> >>>>> >>>>> >>>>> >>>> Mark R. Diggory >>>> ~~~~~~~~~~~~~ >>>> DSpace Systems Manager >>>> MIT Libraries, Systems and Technology Services >>>> Massachusetts Institute of Technology >>>> >>>> >>>> ------------------------------------------------------------------- >>>> -- --- >>>> >>>> ------------------------------------------------------------------- >>>> -- ---- >>>> Take Surveys. Earn Cash. Influence the Future of IT >>>> Join SourceForge.net's Techsay panel and you'll get the chance >>>> to share your >>>> opinions on IT & business topics through brief surveys - and >>>> earn cash >>>> http://www.techsay.com/default.php? >>>> page=join.php&p=sourceforge&CID=DEVDEV >>>> ------------------------------------------------------------------- >>>> -- --- >>>> >>>> _______________________________________________ >>>> DSpace-tech mailing list >>>> [email protected] >>>> https://lists.sourceforge.net/lists/listinfo/dspace-tech >>>> >>>> >>> >> >> Mark R. Diggory >> ~~~~~~~~~~~~~ >> DSpace Systems Manager >> MIT Libraries, Systems and Technology Services >> Massachusetts Institute of Technology >> >> >> >> --------------------------------------------------------------------- >> ---- >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to >> share your >> opinions on IT & business topics through brief surveys - and earn >> cash >> http://www.techsay.com/default.php? >> page=join.php&p=sourceforge&CID=DEVDEV >> _______________________________________________ >> DSpace-tech mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/dspace-tech >> > > -- > Susan Teague Rector > Web Applications Manager > VCU Libraries: Library Information Systems > 804.827.3554 | [EMAIL PROTECTED] > > Mark R. Diggory ~~~~~~~~~~~~~ DSpace Systems Manager MIT Libraries, Systems and Technology Services Massachusetts Institute of Technology ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
