Curs 11Servicii Web

Gestiunea Serviciilor de Ret,ea

5 ianuarie 2012

GSR Curs 11, Servicii Web 1/42

Moto

A journey of a thousand sites begins with a single click.

The Internet is full. Go away.

GSR Curs 11, Servicii Web 2/42

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 3/42

Suport

I “Unix and Linux System Administration”I Chapter 23 – Web Hosting

I “Professional Linux System Administration”I Chapter 11 – Web and SQL Services

GSR Curs 11, Servicii Web 4/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 5/42

WWW

I World Wide Web (Web, W3)

I serviciu din InternetI ret,ea (web) de informat, ie

I folosire de hyperlink-uri

I Sir Tim Berners-Lee, 1990, CERN

I W3C (World Wide Web Consortium)

I probabil cel mai utilizat protocol din Internet

I searchable Web vs. Invisible Web/Deep Web

I noiembrie 2011 – peste 150 de milioane de site-uri acctive

GSR Curs 11, Servicii Web 6/42

WWW (2)

I URLI Uniform Resource LocatorI localizarea unei resurseI

protocol://username:password@hostname:port/path/to/resource

I HTMLI Hypertext Markup LanguageI limbajul de descriere a paginilor web (cont, inut, format,

structura)

I HTTPI Hypertext Transfer ProtocolI protocolul folosit de WWWI sistem client/serverI portul 80I ınchiderea conexiunii

GSR Curs 11, Servicii Web 7/42

Servere web

I cunosc protocolul HTTP (HTTPS)

I implicit, asculta conexiuni pe portul 80

I Apache (cota de piat, a, funct, ionalitate)

I lighttpd (eficient, a)

I nginx (eficient, a)

I Microsoft IIS (Windows Server, suport)

I containere: Apache Tomcat

GSR Curs 11, Servicii Web 8/42

Client, i web

I browsere, navigatoare

I dezvoltate intens; utilizate des

I rendering engine

I ACID tests

I Internet Explorer, Firefox, Safari, Opera, Chrome

I CLI: lynx, w3m, links, elinks

I neinteractive: wget, curl (libcurl)

GSR Curs 11, Servicii Web 9/42

Alte concepte

I CGI, FGCI

I module pentru servere

I Javascript, AJAX

I HTTPS, SSL

I cookies

I sesiuni

GSR Curs 11, Servicii Web 10/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 11/42

Apache Web Server

I cel mai raspandit server web

I NCSA server, 1994

I A Patchy Web Server

I Apache Foundation

I Apache License

I apr, Tomcat, ant, hadoop

I versiunea actuala: 2.2.17

GSR Curs 11, Servicii Web 12/42

Pachete Debian

I apache2-utils, apache2.2-bin, apache2.2-common

I apache2-doc

I apache2-mpm-. . . (Multi-Processing Module)

I . . . prefork – non-threaded, pre-fork (pre-creare procesedaemon), stabil, compatibil

I . . . event – event-based, experimental

I . . . worker – thread-based, rapid, smaller memory footprint

GSR Curs 11, Servicii Web 13/42

Fis, iere de configurare

I /etc/apache2/ pe DebianI apache2.conf – main configuration file

I include fis, ierele/directoarele de mai jos

I httpd.conf – compatibilitate Apache1.x

I ports.conf

I conf.d/ – “generic snippets of statements”

GSR Curs 11, Servicii Web 14/42

Fis, iere de configurare (2)

I mods-available/, mods-enabled/ – configurare module

I sites-available/, sites-enabled/ – configurare site-uri (virtualhosts)

I envvars – variabile de mediu specificeI APACHE RUN USER, APACHE RUN GROUP,

APACHE PID FILE

I implicit, serverul ruleaza cu drepturile www-data:www-data

GSR Curs 11, Servicii Web 15/42

Interact, iune Apache

I fis, iere de configurare

I executabilul asociat este apache2I pentru interact, iune cu serverul

I apache2ctl start|stop|restart|status|configtestI /etc/init.d/apache2 start|stop|restart|status

I jurnalizareI /var/log/apache2/acces.logI /var/log/apache2/error.log

I a2enmod, a2dissmod – activare/dezactivare module

I a2ensite, a2dissite – activare/dezactivare site-uri (virtualhosts)

GSR Curs 11, Servicii Web 16/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 17/42

Sintaxa Apache

I NumeDirectiva ValoareI DocumentRootI ServerNameI ErrorLogI Redirect

I <Directiva . . .> . . .</Directiva>I <IfModule . . .> . . .</IfModule>I <Directory . . .> . . .</Directory>I <VirtualHost . . .> . . .</VirtualHost>

GSR Curs 11, Servicii Web 18/42

Configurare de baza

I /etc/apache2/apache2.confI <IfModule mpm . . .>I AccessFileName .htacesssI ErrorLogI CustomLog ın fis, ierele de site-uri (virtual hosts)I Include

I /etc/apache2/ports.confI NameVirtualHostI Listen

I /etc/apache2/conf.d/securityI ServerTokens

GSR Curs 11, Servicii Web 19/42

Configurare module

I apt-get install libapache2-mod-. . .

I /etc/apache2/mods-available/ – disponibile

I /etc/apache2/mods-enabled/ – active

I *.conf – configurare

I *.load – module efective

I a2enmod, a2dismod

GSR Curs 11, Servicii Web 20/42

Configurare module (2)

I mod dirI DirectoryIndex

I mod userdirI UserDir public htmlI UserDir disabled root

I mod autoindexI IndexOptions

GSR Curs 11, Servicii Web 21/42

Configurari de baza la nivel de site

I site = virtual host

I ServerName anaconda.cs.pub.ro

I ServerAdmin webmaster@anaconda.cs.pub.ro

I DocumentRoom /var/www

I CustomLog, ErrorLog

I <Directory . . .> . . .</Directory>

GSR Curs 11, Servicii Web 22/42

Sect, iuni de configurare

I http://httpd.apache.org/docs/2.2/sections.html

I <Directory> . . .</Directory>

I <Location> . . .</Location>

I <Files> . . .</Files>I Options (nu ın <Files>)

I ExecCGI, Indexes, FollowSymLinks etc.

I AllowOverride (doar pentru Directory) (.htaccess)

I Order, Allow from, Deny from (Access control)

GSR Curs 11, Servicii Web 23/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 24/42

mod alias

I http://httpd.apache.org/docs/2.2/mod/mod_alias.html

Alias /doc /usr/share/doc

Alias /redmine /usr/local/lib/redmine

Alias /git /var/cache/git

AliasMatch ^/rl(|(/.*))$ /home/rl/www$1

Redirect /test http://newsite/test

RedirectMatch

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

ScriptAliasMatch

GSR Curs 11, Servicii Web 25/42

mod rewrite

I Despite the tons of examples and docs, mod rewrite isvoodoo. Damned cool voodoo, but still voodoo. (BrianMoore)

RewriteEngine On

RewriteBase /site/

RewriteRule ^foo\.html$ bar.html

RewriteCond %{HTTP_HOST} ^rosedu.org$

RewriteRule (.*) http://www.rosedu.org$1 [R=permanent,L]

GSR Curs 11, Servicii Web 26/42

CGI

I ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

I Options ExecCGI

I AddHandler cgi-script .cgi

I SetHandler cgi-scriptI mod cgid

I ScriptSock /var/run/cgid.sockI Unix MPMs only

I mod fcgid

GSR Curs 11, Servicii Web 27/42

Module pentru autentificare, autorizare

I auth basic, auth digest, auth pam, auth sasl, auth pgsql

I authn file, authnz ldap

I authz host, authz group

GSR Curs 11, Servicii Web 28/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 29/42

Configurare Virtual Hosting

I /etc/apache2/sites-available/

I /etc/apache2/sites-enabled/

I name based virtual hosting

I IP based virtual hosting

NameVirtualHost *:80

<VirtualHost *:80> ... </VirtualHost>

GSR Curs 11, Servicii Web 30/42

Virtual Hosting

I fis, ierele se creeaza ın /etc/apache2/sites-available/

I se recomanda sa aiba numele de host

I ServerName

I ServerAdmin

I DocumentRoot

I a2ensite, a2dissite

I se creeaza legaturi simbolice ın /etc/apache2/sites-enabled

GSR Curs 11, Servicii Web 31/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 32/42

Suport SSL

I <IfModule mod ssl.c>

I SSLEngine On

I SSLCertificateFile

I SSLCertificateKeyFileI Client Certificate Authentication

I SSLCACertificatePathI SSLCACertificateFile

GSR Curs 11, Servicii Web 33/42

Controlul accesului pe baza hostname-ului

I mod access

I <Directory>, <Files>, <Location>

I .htaccess

I Allow, Deny, OrderI three-pass access control system

I Order Allow, DenyI parse Allow rulesI parse Deny rulesI process requests that don’t match

GSR Curs 11, Servicii Web 34/42

Authorization, Authentication, Access Control

I authentication type (auth basic, auth digest) (AuthType)

I authentication provider (authn alias, authn dbd, authn file,authnz ldap) (AuthAuthUserFile, AuthLDAPUrl)

I authorization (authnz ldap, authz groupfile) (Require)

GSR Curs 11, Servicii Web 35/42

Exemplu auth*

AuthType Basic

AuthName "Restricted Files"

# (Following line optional)

AuthBasicProvider file

AuthUserFile /usr/local/apache/passwd/passwords

Require user rbowen

GSR Curs 11, Servicii Web 36/42

Exemplu auth* LDAP

AuthType Basic

AuthName "LDAP Authentication"

AuthBasicProvider ldap

AuthzLDAPAuthoritative on

AuthLDAPURL "ldaps://swarm.cs.pub.ro:636/...

Require valid-user

GSR Curs 11, Servicii Web 37/42

WebDAV

I Distributed Authoring and Versioning

I a2enmod dav_fs, a2enmod dav

I write pentru www-data

I complementar cu autentificare (duh)

I DAV on

I utilitarul cadaver pentru test

GSR Curs 11, Servicii Web 38/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 39/42

Cuvinte cheie

I WWW/Web

I W3C

I URL

I HTML

I HTTP, HTTPS

I server web

I browser

I Apache

I /etc/apache2/

I apache2ctl

I module Apache

I a2enmod, a2dismod

I ServerName, DocumentRoot

I Alias, Redirect, ScriptAlias

I Directory, Location, Files

I mod rewrite

I CGI, FCGI

I virtual hosting

I a2ensite, a2dissite

I mod ssl

I access control

I .htaccess

I auth*

GSR Curs 11, Servicii Web 40/42

Resurse utile

I http://httpd.apache.org/docs/2.2/

GSR Curs 11, Servicii Web 41/42

Outline

World Wide Web

Apache Web Server

Configurare Apache

Module Apache

Virtual Hosting

Securitate ın Apache

Incheiere

Intrebari

GSR Curs 11, Servicii Web 42/42