- From: Yves Lafon <ylafon@w3.org>
- Date: Thu, 27 Apr 2000 04:32:46 +0200 (MET DST)
- To: "Robert W. Bill" <rbill@digisprings.com>
- cc: www-jigsaw@w3.org
On Wed, 5 Apr 2000, Robert W. Bill wrote:
> Hello,
>
> I have been stumbling on a few problems with proxy + webserver
> setup.
>
> Problem #1- I'm unable to get Jigsaw working as a proxy server without
> disabling it's ability to serve local web pages. Is there a way to get
> both with one server?
Yes, it is possible, you have to put "root" in the
"local-root" configuration of the proxy frame. When the Host: header sent
to the server matches the one of the server (either inferred, or set up in
general properties, you can see it in the startup message of Jigsaw), then
it will use the previous root to start doing the resolution, instead of
proxying it. Note that foo.example.com and foo are not the same, but the
server will check that anyway.
> Problem #2- I need to authenticate proxy access based on the requested
> URL, but the auth frames all check against IP. The eventual goal is to do
> digest auth on the proxy that checks a db for the list of urls a user is
> allowed to go- not on the IP they are coming from. Any hints appreciated
> :)
The auth frame allows password authentication OR ip authentication,
however if you are using the new version of those filters (ACLFilter), you
have the possibility to select the "security level". In that case, level 0
is basic auth, level1 is digest auth. see
http://www.w3.org/Jigsaw/Doc/Reference/org.w3c.jigsaw.acl.AclFilter.html
The right way to use an AclFilter is to add it, then attach an AclRealm to
it, this AclRealm will contain the realm settings, multiple frames may be
attached to the AclFilter, and the result can be ORed or ANDed to produce
the authentication needed.
Regards,
/\ - Yves Lafon - World Wide Web Consortium -
/\ / \ Architecture Domain - Jigsaw Activity Leader
/ \ \/\
/ \ / \ http://www.w3.org/People/Lafon - ylafon@w3.org
Received on Wednesday, 26 April 2000 22:32:53 UTC