[LON-CAPA-admin] secure login to LON-CAPA using LDAP

Michael W Edwards mwedward at uiuc.edu
Mon Oct 16 10:33:23 EDT 2006 

We're running SLES9 w/ https here at UIUC.  Currently we're at 2.2.1 w/ some fixes care of Guy (and look to hit the 2.2.2 release here shortly).

What are you having issues with?

Mike
> -----Original Message-----
> From: lon-capa-admin-admin at mail.lon-capa.org [mailto:lon-capa-admin-
> admin at mail.lon-capa.org] On Behalf Of Stefan Bisitz
> Sent: Monday, October 16, 2006 8:57 AM
> To: lon-capa-admin at mail.lon-capa.org
> Subject: Re: [LON-CAPA-admin] secure login to LON-CAPA using LDAP
> 
> [...]
> > > Best solution, I was told, is to run whole LON-CAPA under https. At
> > > least, changing the user login to https is a must.
> >
> > Process for FC5 making the whole website to be under https:
> >
> > - install mod_ssl
> > yum install mod_ssl
> >
> > - open port 443 up
> > system-config-securitylevel-tui
> >   (Customize -> Enable Secure WWW (HTTPS) -> OK -> OK)
> > /etc/init.d/iptables restart
> >
> > - restart lon-capa
> > /etc/init.d/loncontrol stop
> > /etc/init.d/loncontrol start
> > /etc/init.d/httpd restart
> >
> >
> > At this point you should be able to login and lon-capa will work under
> > https://server/*
> >
> >
> > To force everyone to https:
> >
> > - Edit /etc/httpd/conf/httpd.conf
> >
> > - make sure that the line:
> > LoadModule rewrite_module modules/mod_rewrite.so
> >
> > Exists and is not commented out.
> >
> > - add this to the bottom of httpd.conf:
> >
> > RewriteEngine on
> > RewriteCond %{HTTPS} !=on
> > RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1 [R,L]
> >
> >
> >
> > This only currently works under FC5, all other dists
> > (FC4, RHEL4, and SLES 9 and SuSE 9.3) are more complicated at this
> > time. (But the basic idea is the same.)
> >
> > --
> > guy at albertelli.com   0-7-1-6-27,137
> 
> 
> 
> Hi Guy,
> 
> With your guide, we changed successfully our developement (FC5) laptop
> to run under https. We already tried the changes on our developement
> server with SLES9, but - as expected - it´s not working.
> 
> Please, can you help to get LON-CAPA to run under https with SLES9?
> 
> Thanks,
> Stefan
> 
> 
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin

More information about the LON-CAPA-admin mailing list