Curs 11 - Servicii Web - Cursuri Automatica si...
Transcript of Curs 11 - Servicii Web - Cursuri Automatica si...
Moto
A journey of a thousand sites begins with a single click.
The Internet is full. Go away.
GSR Curs 11, Servicii Web 2/42
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 3/42
Suport
I “Unix and Linux System Administration”I Chapter 23 – Web Hosting
I “Professional Linux System Administration”I Chapter 11 – Web and SQL Services
GSR Curs 11, Servicii Web 4/42
Outline
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 5/42
WWW
I World Wide Web (Web, W3)
I serviciu din InternetI ret,ea (web) de informat, ie
I folosire de hyperlink-uri
I Sir Tim Berners-Lee, 1990, CERN
I W3C (World Wide Web Consortium)
I probabil cel mai utilizat protocol din Internet
I searchable Web vs. Invisible Web/Deep Web
I noiembrie 2011 – peste 150 de milioane de site-uri acctive
GSR Curs 11, Servicii Web 6/42
WWW (2)
I URLI Uniform Resource LocatorI localizarea unei resurseI
protocol://username:password@hostname:port/path/to/resource
I HTMLI Hypertext Markup LanguageI limbajul de descriere a paginilor web (cont, inut, format,
structura)
I HTTPI Hypertext Transfer ProtocolI protocolul folosit de WWWI sistem client/serverI portul 80I ınchiderea conexiunii
GSR Curs 11, Servicii Web 7/42
Servere web
I cunosc protocolul HTTP (HTTPS)
I implicit, asculta conexiuni pe portul 80
I Apache (cota de piat, a, funct, ionalitate)
I lighttpd (eficient, a)
I nginx (eficient, a)
I Microsoft IIS (Windows Server, suport)
I containere: Apache Tomcat
GSR Curs 11, Servicii Web 8/42
Client, i web
I browsere, navigatoare
I dezvoltate intens; utilizate des
I rendering engine
I ACID tests
I Internet Explorer, Firefox, Safari, Opera, Chrome
I CLI: lynx, w3m, links, elinks
I neinteractive: wget, curl (libcurl)
GSR Curs 11, Servicii Web 9/42
Alte concepte
I CGI, FGCI
I module pentru servere
I Javascript, AJAX
I HTTPS, SSL
I cookies
I sesiuni
GSR Curs 11, Servicii Web 10/42
Outline
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 11/42
Apache Web Server
I cel mai raspandit server web
I NCSA server, 1994
I A Patchy Web Server
I Apache Foundation
I Apache License
I apr, Tomcat, ant, hadoop
I versiunea actuala: 2.2.17
GSR Curs 11, Servicii Web 12/42
Pachete Debian
I apache2-utils, apache2.2-bin, apache2.2-common
I apache2-doc
I apache2-mpm-. . . (Multi-Processing Module)
I . . . prefork – non-threaded, pre-fork (pre-creare procesedaemon), stabil, compatibil
I . . . event – event-based, experimental
I . . . worker – thread-based, rapid, smaller memory footprint
GSR Curs 11, Servicii Web 13/42
Fis, iere de configurare
I /etc/apache2/ pe DebianI apache2.conf – main configuration file
I include fis, ierele/directoarele de mai jos
I httpd.conf – compatibilitate Apache1.x
I ports.conf
I conf.d/ – “generic snippets of statements”
GSR Curs 11, Servicii Web 14/42
Fis, iere de configurare (2)
I mods-available/, mods-enabled/ – configurare module
I sites-available/, sites-enabled/ – configurare site-uri (virtualhosts)
I envvars – variabile de mediu specificeI APACHE RUN USER, APACHE RUN GROUP,
APACHE PID FILE
I implicit, serverul ruleaza cu drepturile www-data:www-data
GSR Curs 11, Servicii Web 15/42
Interact, iune Apache
I fis, iere de configurare
I executabilul asociat este apache2I pentru interact, iune cu serverul
I apache2ctl start|stop|restart|status|configtestI /etc/init.d/apache2 start|stop|restart|status
I jurnalizareI /var/log/apache2/acces.logI /var/log/apache2/error.log
I a2enmod, a2dissmod – activare/dezactivare module
I a2ensite, a2dissite – activare/dezactivare site-uri (virtualhosts)
GSR Curs 11, Servicii Web 16/42
Outline
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 17/42
Sintaxa Apache
I NumeDirectiva ValoareI DocumentRootI ServerNameI ErrorLogI Redirect
I <Directiva . . .> . . .</Directiva>I <IfModule . . .> . . .</IfModule>I <Directory . . .> . . .</Directory>I <VirtualHost . . .> . . .</VirtualHost>
GSR Curs 11, Servicii Web 18/42
Configurare de baza
I /etc/apache2/apache2.confI <IfModule mpm . . .>I AccessFileName .htacesssI ErrorLogI CustomLog ın fis, ierele de site-uri (virtual hosts)I Include
I /etc/apache2/ports.confI NameVirtualHostI Listen
I /etc/apache2/conf.d/securityI ServerTokens
GSR Curs 11, Servicii Web 19/42
Configurare module
I apt-get install libapache2-mod-. . .
I /etc/apache2/mods-available/ – disponibile
I /etc/apache2/mods-enabled/ – active
I *.conf – configurare
I *.load – module efective
I a2enmod, a2dismod
GSR Curs 11, Servicii Web 20/42
Configurare module (2)
I mod dirI DirectoryIndex
I mod userdirI UserDir public htmlI UserDir disabled root
I mod autoindexI IndexOptions
GSR Curs 11, Servicii Web 21/42
Configurari de baza la nivel de site
I site = virtual host
I ServerName anaconda.cs.pub.ro
I ServerAdmin [email protected]
I DocumentRoom /var/www
I CustomLog, ErrorLog
I <Directory . . .> . . .</Directory>
GSR Curs 11, Servicii Web 22/42
Sect, iuni de configurare
I http://httpd.apache.org/docs/2.2/sections.html
I <Directory> . . .</Directory>
I <Location> . . .</Location>
I <Files> . . .</Files>I Options (nu ın <Files>)
I ExecCGI, Indexes, FollowSymLinks etc.
I AllowOverride (doar pentru Directory) (.htaccess)
I Order, Allow from, Deny from (Access control)
GSR Curs 11, Servicii Web 23/42
Outline
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 24/42
mod alias
I http://httpd.apache.org/docs/2.2/mod/mod_alias.html
Alias /doc /usr/share/doc
Alias /redmine /usr/local/lib/redmine
Alias /git /var/cache/git
AliasMatch ^/rl(|(/.*))$ /home/rl/www$1
Redirect /test http://newsite/test
RedirectMatch
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
ScriptAliasMatch
GSR Curs 11, Servicii Web 25/42
mod rewrite
I Despite the tons of examples and docs, mod rewrite isvoodoo. Damned cool voodoo, but still voodoo. (BrianMoore)
RewriteEngine On
RewriteBase /site/
RewriteRule ^foo\.html$ bar.html
RewriteCond %{HTTP_HOST} ^rosedu.org$
RewriteRule (.*) http://www.rosedu.org$1 [R=permanent,L]
GSR Curs 11, Servicii Web 26/42
CGI
I ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
I Options ExecCGI
I AddHandler cgi-script .cgi
I SetHandler cgi-scriptI mod cgid
I ScriptSock /var/run/cgid.sockI Unix MPMs only
I mod fcgid
GSR Curs 11, Servicii Web 27/42
Module pentru autentificare, autorizare
I auth basic, auth digest, auth pam, auth sasl, auth pgsql
I authn file, authnz ldap
I authz host, authz group
GSR Curs 11, Servicii Web 28/42
Outline
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 29/42
Configurare Virtual Hosting
I /etc/apache2/sites-available/
I /etc/apache2/sites-enabled/
I name based virtual hosting
I IP based virtual hosting
NameVirtualHost *:80
<VirtualHost *:80> ... </VirtualHost>
GSR Curs 11, Servicii Web 30/42
Virtual Hosting
I fis, ierele se creeaza ın /etc/apache2/sites-available/
I se recomanda sa aiba numele de host
I ServerName
I ServerAdmin
I DocumentRoot
I a2ensite, a2dissite
I se creeaza legaturi simbolice ın /etc/apache2/sites-enabled
GSR Curs 11, Servicii Web 31/42
Outline
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 32/42
Suport SSL
I <IfModule mod ssl.c>
I SSLEngine On
I SSLCertificateFile
I SSLCertificateKeyFileI Client Certificate Authentication
I SSLCACertificatePathI SSLCACertificateFile
GSR Curs 11, Servicii Web 33/42
Controlul accesului pe baza hostname-ului
I mod access
I <Directory>, <Files>, <Location>
I .htaccess
I Allow, Deny, OrderI three-pass access control system
I Order Allow, DenyI parse Allow rulesI parse Deny rulesI process requests that don’t match
GSR Curs 11, Servicii Web 34/42
Authorization, Authentication, Access Control
I authentication type (auth basic, auth digest) (AuthType)
I authentication provider (authn alias, authn dbd, authn file,authnz ldap) (AuthAuthUserFile, AuthLDAPUrl)
I authorization (authnz ldap, authz groupfile) (Require)
GSR Curs 11, Servicii Web 35/42
Exemplu auth*
AuthType Basic
AuthName "Restricted Files"
# (Following line optional)
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require user rbowen
GSR Curs 11, Servicii Web 36/42
Exemplu auth* LDAP
AuthType Basic
AuthName "LDAP Authentication"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPURL "ldaps://swarm.cs.pub.ro:636/...
Require valid-user
GSR Curs 11, Servicii Web 37/42
WebDAV
I Distributed Authoring and Versioning
I a2enmod dav_fs, a2enmod dav
I write pentru www-data
I complementar cu autentificare (duh)
I DAV on
I utilitarul cadaver pentru test
GSR Curs 11, Servicii Web 38/42
Outline
World Wide Web
Apache Web Server
Configurare Apache
Module Apache
Virtual Hosting
Securitate ın Apache
Incheiere
Intrebari
GSR Curs 11, Servicii Web 39/42
Cuvinte cheie
I WWW/Web
I W3C
I URL
I HTML
I HTTP, HTTPS
I server web
I browser
I Apache
I /etc/apache2/
I apache2ctl
I module Apache
I a2enmod, a2dismod
I ServerName, DocumentRoot
I Alias, Redirect, ScriptAlias
I Directory, Location, Files
I mod rewrite
I CGI, FCGI
I virtual hosting
I a2ensite, a2dissite
I mod ssl
I access control
I .htaccess
I auth*
GSR Curs 11, Servicii Web 40/42
Resurse utile
I http://httpd.apache.org/docs/2.2/
GSR Curs 11, Servicii Web 41/42