Loading ...
Sorry, an error occurred while loading the content.

Re: [fitnesse] Re: Securing the fitnesse home page

Expand Messages
  • Micah Martin
    Lawrence, This broken links are caused by a mix up of root paths. FitNesse uses links relative to / but your ProxyPass changes the root path to /fitnesse. You
    Message 1 of 7 , Apr 1, 2004
    • 0 Attachment
      Lawrence,

      This broken links are caused by a mix up of root paths. FitNesse uses
      links relative to / but your ProxyPass changes the root path to
      /fitnesse.
      You can avoid this problem by using a combination of name based
      VirtualHosts and ProxyPass. Here's an example:

      NameVirtualHost *:80
      NameVirtualHost *:443

      <VirtualHost *:443>
      ServerName fitnesse.apachemachine.com
      ProxyPass / http://localhost:8080/
      ProxyPassReverse / http://localhost:8080/
      </VirtualHost>

      For this example to work you'll need to map the
      fitnesse.apachemachine.com sub domain.

      Now Zope uses another solution called a SiteRoot which can internally
      convert /fitnesse into / when dealing with relative paths. This
      feature can cause some pretty scary behavior but it works. We may
      consider a similar feature for FitNesse but it won't have a high
      priority.

      Micah Martin
      Object Mentor, Inc.
      www.objectmentor.com

      On Mar 31, 2004, at 3:49 PM, Lawrence wrote:

      > Thanks, Micah.
      >
      > I put an Apache web server and do a proxypass to fitnesse which is
      > running on port 8080.
      >
      > In httpd.conf, I have --ProxyPass /fitnesse http://localhost:8080--
      >
      > When I hit the url http://apachemachine/fitnesse, it shows the
      > fitnesse home page without images and subsequent pages fails.How do
      > I fix this?
      >
      > Thanks
      >
      > Lawrence
      >
      > --- In fitnesse@yahoogroups.com, Micah Martin <micah@o...> wrote:
      >> On Mar 25, 2004, at 12:47 PM, Lawrence wrote:
      >>
      >>> Folks,
      >>>
      >>> I am running fitnesse on port 80 and my company wants to have
      > some
      >>> kind of authentication to browse/work through fitnesse tool.Is
      > there
      >>> a way to implement?
      >>
      >> We've already implemented a simple (one user) authentication
      > scheme
      >> that will be available in the next release (soon). It's likely
      > that
      >> we'll also implement multiple users by then as well.
      >>
      >>> And also, Is it possible to run fitnesse on other web servers?
      >>
      >> FitNesse is a stand-alone web server. I'm not sure how else to
      > answer
      >> this.
      >>
      >> In one case I have Apache running in the foreground dealing with
      > SSL,
      >> then redirecting to FitNesse which is running on a protected
      > port.
      >> With this combination it is possible to have FitNesse running as a
      >> fully encrypted and authenticating site.
      >>
      >> Micah
      >
      >
      >
      >
      >
      > Yahoo! Groups Links
      >
      >
      >
      >
      >
    • Lawrence
      Micah, It doesn t seem to be working. I gave the below in httpd.conf of Apache NameVirtualHost *:443 ServerName localhost ProxyPass /
      Message 2 of 7 , Apr 1, 2004
      • 0 Attachment
        Micah,
        It doesn't seem to be working.

        I gave the below in httpd.conf of Apache

        NameVirtualHost *:443
        <VirtualHost *:443>
        ServerName localhost
        ProxyPass / http://localhost:8080
        ProxyPassReverse / http://localhost:8080
        </VirtualHost>

        (http://localhost:8080 is fitnesse)

        When I try, http://localhost:443/fitnesse, it fails.

        Can you help me out here?

        Thanks
        Lawrence

        --- In fitnesse@yahoogroups.com, Micah Martin <micah@o...> wrote:
        > Lawrence,
        >
        > This broken links are caused by a mix up of root paths.
        FitNesse uses
        > links relative to / but your ProxyPass changes the root path to
        > /fitnesse.
        > You can avoid this problem by using a combination of name
        based
        > VirtualHosts and ProxyPass. Here's an example:
        >
        > NameVirtualHost *:80
        > NameVirtualHost *:443
        >
        > <VirtualHost *:443>
        > ServerName fitnesse.apachemachine.com
        > ProxyPass / http://localhost:8080/
        > ProxyPassReverse / http://localhost:8080/
        > </VirtualHost>
        >
        > For this example to work you'll need to map the
        > fitnesse.apachemachine.com sub domain.
        >
        > Now Zope uses another solution called a SiteRoot which can
        internally
        > convert /fitnesse into / when dealing with relative paths. This
        > feature can cause some pretty scary behavior but it works. We
        may
        > consider a similar feature for FitNesse but it won't have a high
        > priority.
        >
        > Micah Martin
        > Object Mentor, Inc.
        > www.objectmentor.com
        >
        > On Mar 31, 2004, at 3:49 PM, Lawrence wrote:
        >
        > > Thanks, Micah.
        > >
        > > I put an Apache web server and do a proxypass to fitnesse which
        is
        > > running on port 8080.
        > >
        > > In httpd.conf, I have --ProxyPass /fitnesse
        http://localhost:8080--
        > >
        > > When I hit the url http://apachemachine/fitnesse, it shows the
        > > fitnesse home page without images and subsequent pages fails.How
        do
        > > I fix this?
        > >
        > > Thanks
        > >
        > > Lawrence
        > >
        > > --- In fitnesse@yahoogroups.com, Micah Martin <micah@o...> wrote:
        > >> On Mar 25, 2004, at 12:47 PM, Lawrence wrote:
        > >>
        > >>> Folks,
        > >>>
        > >>> I am running fitnesse on port 80 and my company wants to have
        > > some
        > >>> kind of authentication to browse/work through fitnesse tool.Is
        > > there
        > >>> a way to implement?
        > >>
        > >> We've already implemented a simple (one user) authentication
        > > scheme
        > >> that will be available in the next release (soon). It's likely
        > > that
        > >> we'll also implement multiple users by then as well.
        > >>
        > >>> And also, Is it possible to run fitnesse on other web servers?
        > >>
        > >> FitNesse is a stand-alone web server. I'm not sure how else to
        > > answer
        > >> this.
        > >>
        > >> In one case I have Apache running in the foreground dealing with
        > > SSL,
        > >> then redirecting to FitNesse which is running on a protected
        > > port.
        > >> With this combination it is possible to have FitNesse running
        as a
        > >> fully encrypted and authenticating site.
        > >>
        > >> Micah
        > >
        > >
        > >
        > >
        > >
        > > Yahoo! Groups Links
        > >
        > >
        > >
        > >
        > >
      • Micah Martin
        ... Certainly. First of all, port 443 is the default HTTPS secure socket which will force encryption. Using a URL like http://localhost:443/ wont work
        Message 3 of 7 , Apr 1, 2004
        • 0 Attachment
          > When I try, http://localhost:443/fitnesse, it fails.
          >
          > Can you help me out here?

          Certainly. First of all, port 443 is the default HTTPS secure socket
          which will force encryption. Using a URL like http://localhost:443/
          wont work because HTTP doesn't use encryption.

          To make the example work you must use the URL
          https://fitnesse.apachemachine.com This means that
          fitnesse.apachemachine.com must map to your server. You can make this
          work on your machine by editing your hosts file, but you'll have to
          register the subdomain with a DNS server to get it to work from any
          computer. Your server must also have SSL configured. If you don't
          want to deal with encryption then you can change the httpd.conf entry
          using <VirtualHost *:80> instead of *:443 and then you can use
          http://fitnesse.apachemachine.com

          > NameVirtualHost *:80
          > NameVirtualHost *:443
          >
          > <VirtualHost *:443>
          > ServerName fitnesse.apachemachine.com
          > ProxyPass / http://localhost:8080/
          > ProxyPassReverse / http://localhost:8080/
          > </VirtualHost>
        • Lawrence
          THANK YOU, MICAH. IT WORKS GREAT :):) ... socket ... http://localhost:443/ ... this ... to ... any ... don t ... entry
          Message 4 of 7 , Apr 5, 2004
          • 0 Attachment
            THANK YOU, MICAH. IT WORKS GREAT :):)

            --- In fitnesse@yahoogroups.com, Micah Martin <micah@o...> wrote:
            > > When I try, http://localhost:443/fitnesse, it fails.
            > >
            > > Can you help me out here?
            >
            > Certainly. First of all, port 443 is the default HTTPS secure
            socket
            > which will force encryption. Using a URL like
            http://localhost:443/
            > wont work because HTTP doesn't use encryption.
            >
            > To make the example work you must use the URL
            > https://fitnesse.apachemachine.com This means that
            > fitnesse.apachemachine.com must map to your server. You can make
            this
            > work on your machine by editing your hosts file, but you'll have
            to
            > register the subdomain with a DNS server to get it to work from
            any
            > computer. Your server must also have SSL configured. If you
            don't
            > want to deal with encryption then you can change the httpd.conf
            entry
            > using <VirtualHost *:80> instead of *:443 and then you can use
            > http://fitnesse.apachemachine.com
            >
            > > NameVirtualHost *:80
            > > NameVirtualHost *:443
            > >
            > > <VirtualHost *:443>
            > > ServerName fitnesse.apachemachine.com
            > > ProxyPass / http://localhost:8080/
            > > ProxyPassReverse / http://localhost:8080/
            > > </VirtualHost>
          Your message has been successfully submitted and would be delivered to recipients shortly.