Managing iFolder Services via Web Admin
139
no
vd
ocx
(e
n)
13
Ma
y 20
09
The communication between the Web Admin server and the iFolder enterprise server is determined
during the YaST configuration of the Web Admin server. Specify an https:// in the URL for the
enterprise server for SSL (HTTPS) communications between the servers. Traffic between the two
servers is secure. If you specify an http:// in the URL, HTTP is used for communications between
the servers and traffic is insecure.
The setting is stored in the
/opt/novell/ifolder3/lib/simias/webAdmin/Web.config
file
under the following tag:
<add key="SimiasUrl" value="https://localhost" />
<add key="SimiasCert" value=<
raw certificate data in base 64 encoding
> />
If you disable SSL between Web Admin server and the enterprise server and if the two servers are
on different machines, you must also disable the iFolder server SSL requirement. Because the
enterprise SSL setting also controls the traffic between the enterprise server and the client, all Web
traffic between servers and between the clients and the enterprise server would be insecure.
IMPORTANT:
Do not disable SSL on the Web Admin server if the servers are on different
machines.
If the two servers are running on the same machine and you want to disable SSL, rerun the YaST
configuration, and specify
http://localhost
as the URL for the enterprise server.
10.7.4 Configuring the Web Admin Server for SSL
Communications with Web Browsers
The iFolder 3.7 Web Admin server requires a secure connection between the user’s Web browser
and the Web Admin server. The SSL connection supports the secure exchange of data. For most
deployments, this setting should not be changed because iFolder uses HTTP BASIC for
authentication, which means passwords are sent to the server in the clear. Without SSL encryption,
the iFolder data is also sent in the clear.
The following Rewrite parameters control this behavior and are located in the
/etc/apache2/
conf.d/ifolder_web.conf
file:
LoadModule rewrite_module /usr/lib/apache2/mod_rewrite.so
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/ifolder/(.*) https://%{SERVER_NAME}/ifolder/$1 [R,L]
To disable the requirement for SSL connections, you can comment out these Rewrite command lines
in the
ifolder_web.conf
file. Placing a pound sign (
#
) at the beginning of each line renders it as a
comment.
WARNING:
Without an SSL connection, traffic between a user’s Web browser and the Web Admin
server is not secure.
To disable the SSL requirement:
1
Stop the iFolder Web Admin services.
Содержание IFOLDER 3.7 - SECURITY ADMINISTRATION
Страница 12: ...12 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 24: ...24 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 38: ...38 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 98: ...98 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 100: ...100 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 102: ...102 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 162: ...162 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 168: ...168 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 172: ...172 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 182: ...182 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 184: ...184 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 196: ...196 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 202: ...202 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Страница 216: ...216 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...