You are reading the Drake CMS Official Forums archive, available for historical purposes only.
Drake CMS has been rebranded into Lanius CMS, visit the new Lanius CMS Official Forums if you need support about Lanius CMS or Drake CMS -> Lanius CMS migration.
Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
08 July 2007 11:05
Anonymous
i use der drake wrapper to host a webpage and the drake user
managment to access control to this wrapper-menuitem. the
hosted webpage is behind my apache (internal network) so that i
configured the apache with proxypass to host the page.
example: a) ProxyPass /servicexyz/
http://192.168.0.5:8008/ Wrapper menuitem
= http://myhomepage.org/servicexyz/
now the
problem is that everyone can host /servicexyz but only drake user
should do that! how can i resolve this problem? any
ideas?
legolas558
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
10 July 2007 16:12
Anonymous
I think that the only feasible solution is that you retrieve the
proxied page content via PHP (file_get_contents() should do the
trick) and then send it into the output ONLY if
the user has enough priviledges.
This way, if you
never publicly show the internal address you'll be safe. You
might also want to allow only your server to access that internal
page and to suppress any error message that might disclose the
internal address.
aslinux
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
10 July 2007 20:08
Anonymous
you mean that wrapper menuitem is set to
http://192.168.0.5:8008/! this way was my first idea too.
but the problem was that form the internet a dns-error
occurred. i´m apache configuration problem?
my
second idea is to use a "apache handler"! <Location /servicexyz/> SetHandler <drake
user managment> Order Allow,Deny Allow from
all </Location>
legolas558
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
10 July 2007 21:35
Anonymous
No, I mean that you wrap a .php file containing something like
Code:
global $my; if ($my->gid>=1) { // if the user is
registered echo
file_get_contents('http://192.168.0.5:8008/'); }
But you should be sure that the page at the
internal address does not contains full urls (of your intranet)
in the HTML output; and some raw url rewriting may be needed in
order to allow navigation through such PHP proxy.
aslinux
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
2.) start.php to wrap the intranet and use drake user
managment Code:
<?php
require 'core.php'; include
$d_root.'includes/header.php';
global $my; if
($my->gid >=1) { echo
file_get_contents("http://192.168.0.5:8008/");
} ?>
3.) wrapper menu item is set
to http://myhomepage.org/servicexyz/start.php
the page
is correctly displayes. but on the page is a submit-button
and the infos where not correct rewritten!
now http://192.168.0.5:8008/start.php?action=anything
correct http://192.168.0.5:8008/?action=anything
any ideas to correct the RewriteRule?
legolas558
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
12 July 2007 21:58
Anonymous
Quote:
i have tested
your idea. generally it works :-)
1.) rewriting in
apache
You should not use Apache rewrite
rules, otherwise people will be able to access your intranet URLs
anyway...
Quote:
2.) start.php to wrap the intranet and use
drake user managment
If you wrap it using
the "PHP include mode" and not the
iframe mode you won't need to include core.php and header.php
Quote:
but on
the page is a submit-button and the infos where not correct
rewritten!
You do not have to use Apache
rewrite rules, you just have to make the necessary str_replace()
(or preg_replace()) on the page content before echoing it out.
Also, you might want to check if $_POST is empty or not and then
have your php script make a POST request and fetch the results on
screen (see the PHP manual for that).
Regards
aslinux
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
16 July 2007 14:23
Anonymous
now i have tested the PHP-way.
1.) load the page 2.) load needed src and href files by manipulate the url with
my attribute "remotefile=" 3.) look at $_POST but
always empty!
it seems that the page 192.168.0.5:8008
is build with javascript! when i turn off the login
startpage (later i don´t need this login!) then firstly the next
page is not correctly displayed and secondly an errror
"Invocation of webservice "ibox.xml" failed with
http status code 404" occurred.
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
17 July 2007 08:22
Anonymous
This thread is offtopic: not about Drake CMS security neither
Drake CMS Anyway, to address your problem: maybe the page you are
proxying uses AJAX.
I suggest you to start a new topic
in the off-topic area of these forums, then state clearly what is
your situation (e.g. available stuff) and what you want to
achieve. I think it's possible to make it work, btw.
Regards
aslinux
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
27 July 2007 12:44
Anonymous
Now i have started the topic "How to implement the ProxyPass
from Apache in PHP?" in the off-topic area.
trex1512
Re: Drake User Managment + Drake Wrapper <--> ProxyPass (Apache)
27 July 2007 16:48
Anonymous
Hi
No worries.. Hope you
can get a discussion going to help you out...