|
|
 |
 |
Each user account will have two web directories, www and www-dev. The production site goes in the www folder and can be accessed at http://web.uvic.ca/~$user or htps://web.uvic.ca/~$user. The development site serves up content from the www-dev folder and can be access by going to http://web.uvic.ca:8080/~$user or https://web.uvic.ca:8443/~$user.
If an IP name is associated with the account, access to production and development is similar. For example, the production helpdesk.uvic.ca web site can be accessed via http://helpdesk.uvic.ca and the development site can be accessed via http://helpdesk.uvic.ca:8080.
The web cluster has been configured to use LDAP authentication by default. This can be setup by adding the following to an .htaccess which can be placed in any directory that requires password protection. To allow anyone with a valid netlink ID use:
require valid-user
To allow specific netlink ID's, separate each neltink ID by a space:
require user jdoe jsmith
The final method uses LDAP attributes to authorize what users can access your site. To only allow staff you would use:
require ldap-attribute eduPersonAffiliation=staff
Multiple attributes can be used to provide more flexibility. Each attribute should be separated by a space and they act as an OR. For example, if you wanted to allow all alum and undergraduate_student you would use:
require ldap-attribute eduPersonAffiliation=alum eduPersonAffiliation=undergraduate_student
For more complex authorizations, consult the mod_authnz_ldap Apache docs.
Available attributes are:
* staff * instructional_staff * non_instructional_staff * faculty * student * undergraduate_student * graduate_student * continuing_studies_student * alum * contractor * employee * employee_agency * DEPT-CODE_employeeFor an updated list go to https://share.uvic.ca/CASS/comp/ust/idam/blog/Lists/Posts/Post.aspx?ID=76
Because the web cluster nodes are behind the load balancer, regular SSL redirects will not always work. If SSL redirects are required please contact sysadmin@uvic.ca and confirm the the appropriate iRules have been setup for your site. Once that has been confirmed you can setup SSL redirects in your .htaccess as follows:
RewriteEngine On
RewriteCond %{HTTP:UVLBHTTPS} !^1$
RewriteRule ^(.*)$ https://web.uvic.ca/~jdoe/$1
In the above example the .htaccess would be in the www folder of the user jdoe. When a request comes in for this URL it will check the UVLBHTTPS HTTP header to see if the request was SSL (UVLBHTTPS = 1) or non-SSL (UVLBHTTPS = 0). If it was non-SSL then it would be redirected to SSL and the RewriteCond would now be false.
The cluster nodes have access to the general purpose MySQL and Postgres servers. Databases can be requested by contacting sysadmin@uvic.ca. If you already have a MySQL DB then it is likely already accessible by the web cluster and can be administered via phpMyAdmin for mySQL and web.uvic.ca/phpPgAdmin for PostgreSQL.
MySQL Server: csmgenr2.uvic.ca
Postgres Server: cspgenr2.uvic.ca
The web cluster currently has two PHP versions 5.4.16 maintained by Redhat and 7.1 maintained by Redhat. The default version is now PHP 5, but if PHP 7.1 is required a change to the .htaccess at the root of the site can be made to specify PHP 71/5.
To specify version 7.1:
SetEnv UVPHP_VERSION 71
To specify version 5 (the default so you don't have to have this line):
SetEnv UVPHP_VERSION 5
| Stay Informed! Browse to http://helpdesk.uvic.ca and click System Messages for current System Status information. If you would like to receive status messages by email, subscribe by clicking the Mail Subscription link on the Status Messages page. |
|
|
|
|