test

Sun WebServer 安裝手冊 Solaris Easy Access Server 版

Sun WebServer 轉換

以下範例示範 Sun WebServer 1.0 httpd.confaccess.acl 轉換成 Sun WebServer 2.0 的完整過程。除非轉換需要用到新的 2.0 設定指引,否則新的 2.0 設定指令在以下範例中一律不予處理。

Sun WebServer 1.0 httpd.conf 轉換成 2.0

  1. 假設以下 Sun WebServer 1.0 /etc/http/httpd.conf 檔案: 


    server {
	server_root								"/var/http/demo"
	server_user								"root"
	mime_file										"/etc/http/mime.types"
	mime_default_type			text/html

	acl_enable									"yes"
	acl_file											"/etc/http/access.acl"
	acl_delegate_depth		3
	cache_enable							"yes"
	cache_small_file_cache_size	8
	cache_large_file_cache_size	256
	cache_max_file_size									1
	cache_verification_time					10

	map			 /cgi-bin/					/var/http/demo/cgi-bin/			cgi
	map				/sws-icons/			/var/http/demo/sws-icons/

	mime_add		"appication/java"				class
	mime_add		"audio/basic"								au
	mime_add		"audio/basic"								snd
}

url {
	doc_root									 "/var/http/demo/public"
	user_doc_enable			"no"
	user_doc_root					"public_html"
	cgi_enable							 "no"
	cgi_dns_enable		"no"
	cgi_suffix_enable	    "no"
	cgi_user										"nobody"
	log_type										"elf"
	log_prefix								"/var/http/logs/http"
	log_max_files						7
	log_cycle_time					1440
	log_max_file_size		1048576
	ssi_enable									"no"
	ssi_exec											"no"
	ssi_xbithack							"off"

	mime_add								"application/x-csh"		csh
	mime_add								"application/xsh"				sh
}

url //widgets {
	doc_root								 "/var/http/widgets/public"
	user_doc_enable		"yes"
	user_doc_root				"public_html"
	cgi_enable						 "yes"
	cgi_dns_enable			"yes"
	cgi_suffix_enable	 "yes"
	cgi_user									"nobody"

	log_type								"clf"
	log_prefix						"/var/http/logs/widgets"
	log_max_files				7
	log_cycle_time			1440
	log_max_file_size		1048576
	ssi_enable							"yes"
	ssi_exec									"yes"
	ssi_xbithack					"full"

	map 		/cgi-bin/				/var/http/widgets/cgi-bin/		cgi
	map 		/sws-icons/		/var/http/widgets/sws-icons/
}

port 80 {
	keepalive_enable			"yes"
	request_timeout				180
}

port 1880 {
	ip_address										129.128.127.126
	keepalive_enable			"yes"
	request_timeout				180
	hosts_supported				widgets
}

  2. 建立一個新的伺服器以便轉換(以 1.0 的設定值為新伺服器而建立的配置檔案,我們將予以修改):


    #htserver add "server1"

  3. 加入一個站台: 


    # hthost add -i server1 -h widgets \
	-s /var/http/server1/websites/widgets

  4. 修改伺服器層級檔案 /etc/http/server1.httpd.conf


    server {
	server_root						"/var/http/server1/"
	server_user						"root"
	mime_file								"/etc/http/mime.types"
	mime_default_type	 	text/html
	access_enable					"yes"
	cache_enable						"yes"
	cache_small_file_cache_size		8
	cache_large_file_cache_size		256
	cache_max_file_size									 1
	cache_verification_time					 10
}

url {
	site_path					/var/http/server1/websites/default_site
	site_config			"conf/default_site.site.conf"
	site_enable			"yes"
}

url //widgets {
	site_enable				"yes"
	site_path						"/var/http/server1/websites/widgets"
	site_config				"conf/widgets.site.conf"
	conn_end_points	129.128.127.126:1880 :80
}

port 80 {
	ip_address							0.0.0.0
	keepalive_enable	"yes"
	request_timeout		180
}

port 1880 {
	ip_address						129.128.127.126
	keepalive_enable	"yes"
	request_timeout			180
}

  5. 修改 /etc/http/mime.types


    application/java				class
audio/basic									au snd

  6. 修改 /var/http/server1/websites/default_site/conf/default_site.site.conf


    url {
	doc_root						/var/http/demo/public

	map_file						conf/map.conf
	realm_file				conf/realms.conf
	access_file			conf/access.conf
	content_file		conf/content.conf
	mime_file					conf/mime.types

	user_doc_enable		"no"
	user_doc_root				"public_html"
	cgi_enable							"no"
	cgi_dns_enable			"no"
	cgi_suffix_enable	"no"
	cgi_user									"nobody"
	log_type									"elf"
	log_prefix							"/var/http/server1/logs/default"
	log_max_files					7
	log_cycle_time				1440
	log_max_file_size	 1048576
	ssi_enable							"no"
	ssi_exec									"no"
	ssi_xbithack					"off"
}

  7. 建立 /var/http/server1/websites/default_site/conf/mime.types


    application/x-csh			csh
application/x-sh				sh

  8. 修改 /var/http/server1/websites/default_site/conf/map.conf


    map 		/cgi-bin/				 /var/http/demo/cgi-bin/		cgi
map			/sws-icons/			/var/http/demo/sws-icons/

  9. 修改 /var/http/server1/websites/widgets/conf/widgets.site.conf


    url {
	doc_root						/var/http/widgets/public

	map_file						conf/map.conf
	realm_file				conf/realms.conf
	access_file			conf/access.conf
	content_file		conf/content.conf
	mime_file					conf/mime.types

	user_doc_enable			"yes"
	cgi_enable							 "yes"
	cgi_dns_enable				"yes"
	cgi_suffix_enable	 "yes"
	cgi_user									 "nobody"
	log_type									 "clf"
	log_prefix							 "/var/http/server1/logs/widgets"
	log_max_files					7
	log_cycle_time				1440
	log_max_file_size		1048576
	ssi_enable								"yes"
	ssi_exec										"yes"
	ssi_xbithack					  "full"
}

  10. 修改 /var/http/server1/websites/widgets/conf/map.conf


    map 	/cgi-bin/				 /var/http/widgets/cgi-bin/ 	cgi
map 	/sws-icons/			/var/http/widgets/sws-icons/
Sun WebServer 1.0 access.acl 轉換成 2.0

  1. 假設以下 Sun WebServer 1.0 /etc/http/access.acl 檔案以及 /var/http/widgets/widgets.acl委託檔案:

    • /etc/http/access.acl: 


      url "/sws-administration" {
	authentication_type			md5
	realm																serverAdmin
	password_file								 /etc/http/swsadmin.pw
	+ user															 *
}

url "/statistics" {
	authentication_type			basic
	realm																statsRealm
	password_file								/var/http/demo/stats/usrs
	group_file											/var/http/demo/stats/grps
	+ user															*
}

url "//widgets" {
	delegate										/var/http/widgets/widgets.acl
}

    • /var/http/widgets/widgets.acl: 


      url "/" {
	authentication_type			basic
	realm																widgetsRealm
	password_file								/var/http/widgets/users
	group_file											/var/http/widgets/groups

	+ user						 *
	- user						 Joe
	- group						thoseDenied
}

  2. 建立一個整體serverAdmin領域(在 /etc/http/realms/ 中),並將其使用者檔案換成 /etc/http/swsadmin.pw

    註解 -

    若已經有這個領域,只要執行複製指令即可。 


    # htrealm add -r serverAdmin -s HTPASSWD
# cp /etc/http/swsadmin.pw /etc/http/realms/serverAdmin/users

  3. 建立一個整體 statsRealm,並以設定於上述 "/statistics" URL 中的檔案取代其 users 與 groups 檔案。將此新的領域加入內定站台以及 widget 的 realms.conf 檔案內:

    註解 -

    底下的<hostname> 是指工作站的 主機名稱,用以設定內定站台。


    # htrealm add -r statsRealm -s HTPASSWD
# cp /var/http/demo/stats/usrs /etc/http/realms/statsRealm/users
# cp /var/http/demo/stats/grps /etc/http/realms/statsRealm/groups
# htrealm add -i server1 -h widgets -r statsRealm \
	-s HTPASSWD -d /etc/http/realms/statsRealm
# htrealm add -i server1 -h <主機名稱> -r statsRealm \
	-s HTPASSWD -d /etc/http/realms/statsRealm

  4. 在此 widgets 站台建立一個區域 widgets 領域 ,並以上述檔案取代其 users 與 groups 檔案: 


    # htrealm add -i server1 -h widgets -r widgets領域 -s HTPASSWD
# cp /var/http/widgets/users \
	var/http/server1/websites/widgets/conf/realms/widgetsRealm/
# cp /var/http/widgets/groups \
	/var/http/server1/websites/widgets/conf/realms/widgetsRealm/

  5. 修改 /etc/http/access.conf


    url /sws-administration {
	authentication_type				md5
	realm																	serverAdmin

	+ user																*
}

  6. 修改 /var/http/server1/websites/default_site/conf/access.conf


    # Specify /sws-administration ACL here for site administration,
# 	create a siteAdmin realm and add administrators to that realm
# url "/sws-administration" {
# 	authentication_type			md5
# 	realm																siteAdmin
# 	+ user															*
# }

url "/statistics" {
	authentication_type				basic
	realm 																statsRealm

	+ user																*
}

  7. 修改 /var/http/server1/websites/widgets/conf/access.conf


    # Specify /sws-administration ACL here for site administration
url "/statistics" {
	authentication_type				basic
	realm																	statsRealm

	+ user															*
}

url "/" {
	authentication_type				basic
	realm															 		widgetsRealm

	+ user																*
	- user																Joe
	- group															thoseDenied
}