--- loncom/loncapa.conf 2002/02/19 20:23:59 1.2
+++ loncom/loncapa.conf 2004/05/26 10:17:49 1.9
@@ -1,465 +1,106 @@ ## ## loncapa.conf -- Apache HTTP LON-CAPA configuration file ## -## $Id: loncapa.conf,v 1.2 2002/02/19 20:23:59 www Exp $ +## $Id: loncapa.conf,v 1.9 2004/05/26 10:17:49 foxr Exp $ ## -## 1/11/2002 - Scott Harrison +# ======================================= Machine Specific / Perl Configuration +# +# ------------------------ The variable values are also read and shared by lond + +# LON-internal HostID of this machine + +PerlSetVar lonHostID {[[[[lonHostID]]]]} + +# Role of this machine: library, access + +PerlSetVar lonRole {[[[[lonRole]]]]} + +# Server Administration + +PerlSetVar lonAdmEMail {[[[[lonAdmEMail]]]]} + +# Default domain + +PerlSetVar lonDefDomain {[[[[lonDefDomain]]]]} + +# Load Limit ( 100% loadavg ) + +PerlSetVar lonLoadLim {[[[[lonLoadLim]]]]} + +# User Load Limit ( 100% loadavg ) + +PerlSetVar lonUserLoadLim {[[[[lonUserLoadLim]]]]} + +# Expiration for local copies and tokens in seconds + +PerlSetVar lonExpire {[[[[lonExpire]]]]} + +# Key to issue receipts + +PerlSetVar lonReceipt {[[[[lonReceipt]]]]} + +# +# The variables below control the behavior of secure lond: # -# LON-CAPA Section (extensions to srm.conf name space servicing) # -# ================================================================= Directories -# ------------------------------------------------------------- Access Handlers +# londAllowInsecure allows lond to fall back to insecure connections +# in the event its peer is not yet updated to secure lonc. +# If you are certain all the systems you are communicating with +# are using secure lonc, uncomment the first definition and +# comment the second. + +# PerlSetVar londAllowInsecure {[[[[0]]]]} +PerlSetVar londAllowInsecure {[[[[1]]]]} + +# loncAllowInsecure allows lonc to fall back to negotiating an insecure +# connection with lond in the event the peer is not yet a secure lond. 
+# If you are certain that all systems you are communicating with +# are using secure lond, uncomment the next line and comment the +# second: + +# PerlSetVar loncAllowInsecure {[[[[0]]]]} +PerlSetVar loncAllowInsecure {[[[[1]]]]} + +# +# Secure lond/lonc require ssl certificate and private +# key files to function correctly. The certificate +# files need not be terribly secure, but the private key files +# should be set up so that only www (the lonc/lond effective user) +# can read them. +# +# The definition below is the full path to the directory that +# contains the certificate and key files: +# +PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]} + +# +# Secure lond/lonc require two certificates and a private host key. +# The certificates required are that of the lonCAPA certificate authority +# and the certificate that authority issued to this host. +# lonnetCertificateAuthority is the name of the file that contains the +# lonCAPA certificate authority's certificate. +# lonnetCertificate is the name of the file that contains the certificate +# issued to the host by the certificate authority. +# Both of these variables are names of files assumed to be in +# lonCertificateDirectory: + +PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]} +PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]} + +# +# To generate the request for a certificate, and to negotiate the +# initial ssl connection, the host requires a private key. This key +# is created at lonCAPA install time. Did we mention above that it +# should be set so that only www can read it? The variale below +# is the name of the file relative to lonnetCertificateDirectory +# that has the host's private key. Did we remember to tell you to +# keep the permissions on that file set to rw------- (0600)? 
+# - -PerlAccessHandler Apache::lonacc -PerlHeaderParserHandler Apache::lonrep -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::loncacc -SetHandler perl-script -PerlHandler Apache::lonconstruct -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonracc - - - -PerlAccessHandler Apache::loncacc -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler -AllowOverride None - - -# ------------------------------------------------------------------------- RAT - - -SetHandler perl-script -PerlHandler Apache::lonratedt - - - -SetHandler perl-script -PerlHandler Apache::lonratedt - - - -SetHandler perl-script -PerlHandler Apache::lonratsrv - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonratparms -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - -# --------------------------------------------- Resource Space Content Handlers - - -SetHandler perl-script -PerlHandler Apache::lonindexer - - - -SetHandler perl-script -PerlHandler Apache::lontex - - - -SetHandler perl-script -PerlHandler Apache::lonpage - - - -SetHandler perl-script -PerlHandler Apache::lonsequence - - - -SetHandler perl-script -PerlHandler Apache::lonmeta - - - -SetHandler perl-script -PerlHandler Apache::lonxml - - - -SetHandler perl-script -PerlHandler Apache::lonhomework - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonwrapper -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - -# -------------------------------------------------------------- Admin Programs - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonstatistics 
-ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonroles -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -SetHandler perl-script -PerlHandler Apache::lonlogin - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonlogout -ErrorDocument 403 /adm/login - - - -SetHandler perl-script -PerlHandler Apache::lonauth - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::admannotations -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::admbookmarks -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonpageflip -ErrorDocument 406 /adm/roles -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonambiguous -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonmsg -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonparmset -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::grades -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::loncreatecourse -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler 
Apache::loncreateuser -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonpublisher -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::loncacc -SetHandler perl-script -PerlHandler Apache::lonpubdir -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonpubdir -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonretrieve -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::loncfile -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::londiff -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonupload -ErrorDocument 403 /adm/login -ErrorDocument 404 /adm/notfound.html -ErrorDocument 406 /adm/unauthorized.html -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonspreadsheet -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 
/adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonspreadsheet -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonspreadsheet -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonchart -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::londropadd -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonprintout -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonfeedback -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonevaluate -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonpreferences -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonassignments -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::loncommunicate -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonsearchcat -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - 
-PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::lonnavmaps -ErrorDocument 403 /adm/login -ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler - - - -PerlAccessHandler Apache::lonacc -SetHandler perl-script -PerlHandler Apache::groupsort -ErrorDocument 403 /adm/login -ErrorDocument 500 /adm/errorhandler - - - -SetHandler perl-script -PerlHandler Apache::lonerrorhandler - - -# ------------------------------------------------- Backdoor Adm Tests/Programs - - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - - - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - - - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - - - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm - - - -AuthName "LON-CAPA Network Administration" -AuthType Basic -AuthUserFile /home/httpd/lonTabs/htpasswd -require user lonadm -SetHandler perl-script -PerlAccessHandler Apache::lonacc -PerlHandler Apache::lontest - +PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]} -# ------------------------------------------------------- Shutting down a child +# Did we mention that the file described above must have +# permissions really locked down so that it can't be stolen? -PerlChildExitHandler Apache::lonnet::goodbye
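Review bot: Both `londAllowInsecure` and `loncAllowInsecure` default to `1` in the added block, so the secure lond/lonc channel is only opportunistic out of the box: per the comments, a peer that is not yet secure still gets the insecure connection type. The comments explain how to switch the values but not what the fallback costs, so I would add above each setting something like `# A value of 1 permits insecure lond/lonc connections; set to 0 as soon as every peer supports the secure protocol.` and consider making `0` the active line for new installs. In the private-key comment, `lonnetCertificateDirectory` does not match the variable defined above, `lonCertificateDirectory`, and "variale" is a typo. Separately, this hunk removes every `PerlAccessHandler` and `AuthType Basic` section from the file; the diff does not show where they now live, so confirm they are still loaded from another configuration file.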